What to do about suspicious email activity?

By May 4th, 2016Business, Tips

If your friends or clients report having received emails advertising replica Rolex watches, or messages claiming you have been robbed and click a link to send money or perhaps just a link to a website and they see it is your address in the ‘from’ address, your email account had probably been compromised. Unless you know what to look for and what systems to have in place, this will continue, causing havoc to your contacts if they click the links or open any attached files. Friends and clients will think you are spamming them which both embarrassing and unprofessional. Links and file attachments in these messages generally contain viruses and malware. You might also find your contacts or all the messages in your inbox have been deleted.

Email spoofing is when email identity fields, such as ‘From’ or ‘Reply-to address’ are modified to appear to be from someone other than the actual sender. Mail is being sent from somewhere else with your address being forged onto its identity field line.

Hacking is when someone breaks into a computer or network. Mail is actually being sent from your account by someone logged in to your server as you.

How did this happen?

Your computer or device was most likely compromised in one of four ways:

  1. You do not have up-to-date security software installed.
  2. Your passwords are weak and easily hacked.
  3. You clicked on a malicious link in an email, IM conversation, or on a social networking site, or webpage.
  4. You downloaded a game, video, song, or attachment.

What you can do

If your email account has been compromised, then you will have some clean up work to do.

  1. Notify your contacts let them know that your email account has been compromised and warn them to ignore strange messages they may receive.
  2. Log in to your email account and change your password. Never give your email password to anyone or enter it into any website other than your own email server in the normal course of logging in to read your mail.
  3. Install and maintain anti-virus software. Run a full scan to check your computers and devices
  4. Install a firewall and configure it to restrict traffic coming into and leaving your computer.
  5. Check your vacation/auto responses. These are a perfect way for a hacker to be sending out false messages that look like they have come from you.
  6. Back up your contacts to a CSV spreadsheet file so they are not permanently lost.
  7. Find out what else has been compromised. Change any other accounts that use the same username and password as your compromised email. Spammers are savvy enough to know that most people reuse passwords for multiple accounts, so they may try your login in other email applications and social media.

Note

If you don’t know exactly how the hacker access your email account, consider that they might use the same trick to get in again. For example, if your computer is infected with spyware, it could report your new password back to the hacker as easily as it reported your old one.

Prevention is better that cure

  1. Use strong passwords for your email account. The longer the password, the better (tips on setting passwords)
  2. Don’t use the same password across multiple online services or applications.
  3. Don’t give other people access to your email account.
  4. When you are sharing a network with other people, your data is at risk. This includes your user name and password for your email account.
  • Turn off sharing will help to protect you but you can still be vulnerable. Windows > control panel > network and internet > network and sharing center and click Choose Change Advanced Sharing Settings. Once here, you should definitely turn off file and printer sharing, and you may as well turn off network discovery and Public folder sharing. Mac > system preferences > sharing and make sure all the boxes are unchecked. You will also want to turn off network discovery, which will be in the same place. This will prevent others from even seeing your machine on the network. If you use an unsecured network to log in to an unencrypted site — or a site that uses encryption only on the sign-in page — other users on the network can see what you see and what you send. They could then hijack your session and log in as you. Don’t stay permanently signed in to accounts.
  • When you’ve finished using an account, log out.
  • Consider changing the settings on your mobile device so that it doesn’t automatically connect to nearby Wi-Fi. That way, you have more control over when and how your device uses public Wi-Fi.
  • Even if you haven’t actively connected to a network, the WiFi hardware in your computer is still transmitting data between any network within range. Keep Wifi off when you don’t need it.
  • Do you really need to use the public WiFi?
  1. Be very careful where you store information such as passwords or secret/account reminder questions that you can use to authenticate your account recovery.
  2. Install, run and keep virus protection on your computers and devices.
  3. Don’t click on links in emails unless you are sure it is a safe link.
  4. Avoid opening email attachments, especially if they are from people you don’t know.
  5. Don’t responding to a fraudulent “phishing” email with your account information (password, security questions, etc.).
  6. Check your contacts list and delete email contacts that you don’t recognise.
  7. Advise your friends and family not to send group messages with a comments such as “Check out this cool video” and a link
  8. Have an alternate/recovery email address so you can still log in to your main email account in case a hacker changes the password.
  9. Avoid including your email address in online blogs and posts. Try using (at) and (dot)com instead of @ and .com to prevent malicious automations from harvesting your address.
  10. Avoid using your primary email account for everything online. If you are signing up for something like a mailing list, contest, application form, or something similar, use a free throwaway email account like Gmail or Hotmail, something you don’t mind deleting if it gets abused.
  11. Do not forward emails which you suspect as being scams.
  12. Do not open attachments from unknown sources.
  13. When sending emails to multiple recipients, list their addresses in the ‘BCC’ (blind copy) box instead of in the ‘To’ box. In this way, no recipient will see the names of the others, and if their addresses fall into the wrong hands there will be less chance of you or anybody else receiving phishing or spam emails.
  14. Most email clients come with spam filtering as standard. Ensure yours is switched on.

Don’t open emails that fit this description:

  1. The email does not directly correspond to any action you recently took. It may claim to be about ‘system upgrades’ or other vague topics. It may allude to a purchase you did not make, a parcel you did not send, or a lottery you did not enter. Don’t let curiosity get you in danger
  2. The email does not address you by your full name, but rather by your e-mail address, or by ‘Dear customer’.
  3. The email contains links which may appear to lead to a legitimate site, but actually lead to a malicious site.
  4. The address on the ‘From:’ is obviously phony.

Email is an excellent communication tool as well as a great way that you can inform clients and prospects about your products and services. However, email is frequently used to deliver unwanted material which is at best, annoying and at worst, malicious – causing considerable harm to your computer, your business and yourself. Put some good systems in place to prevent damaging your reputation and your data as well as causing unnecessary stress and inconvenience.

Related articles

Tags:

Caroline Siassios

About Caroline Siassios

Leave a Reply