A common complaint by many users lately has been spam emails appearing to come from their own accounts. Despite not knowing why, reports of business colleagues, suppliers, clients and even friends and family, receiving spam email that appears to come from them has many people worried.
Some have had their accounts suspended or shut down by their service providers as a result. Thus the experience can be highly disruptive and it can cause issues both in your professional and personal life.
The key to defense is learning how these attacks happen and figuring out what you can do to protect yourself and your staff against them.
Hackers Using Your Email Against You
Scammers and spammers are continually looking for ways to make the process easier, faster and cheaper. It’s the best way in which they can make more money every day by scamming unsuspecting victims.
One of the most efficient ways they do this is by hijacking trusted email accounts like your own. Hackers have several tools at their disposal to hijack your accounts.
The principles that make email fast and easy to use means that certain details, such as those in the ‘from’ field, are very easy to fake. A hacker can change this information to make it appear as if the email comes from anyone they choose.
The issue though is that there is not much you can do to defend your email against such an attack. However, you can work to verify that an email, even one you expect to receive, does come from the person you believe it to. If your email provider flags up an incoming email as ‘suspicious’, or ‘untrustworthy’, it very well may be.
Leaked emails are often put up for sale on the dark web following hacks of major companies and service providers. From here hackers can buy large bundles of email addresses and passwords.
The value of these details comes from passwords being unlikely to have been changed, and thus the hackers get easy access to your actual mail accounts, any associated services and any other accounts that use the same password – another reason not to use the same password across multiple accounts.
How To Detect a Possible Intrusion
It may take a long time before you’re aware that malicious hackers are using your details and you may even be the last person in your contacts to find out.
The first sign is to look out for a large number of unexpected emails in your inbox. These are likely to be replies to emails that you never sent. Out of office, automatic responses, people complaining about spam and people responding to the email as if it were genuine may all come to you first.
Keep an eye on your inbox (or even your outbox and sent items folders) for unexpected emails suddenly appearing. A hacker may be trying to spear-phish someone that you do business with or trust. By acting as you (by using your details), they may be able to divert payments or confidential information to their accounts instead.
Protecting Yourself Against Hackers and Hijackers
Sometimes the attacks have come through malicious software giving hackers access to your services.
Change your passwords immediately if you believe your email has been accessed by hacker. Also use a different and more secure password for your email than you do for every other service. Remember that your email account is often the key to accessing many of the online services that you use most.
Run a virus scan and make sure you have installed the latest Windows Updates if you think your computer could have been infected. Have your machine and services looked at by a professional if you believe there is a risk your data is being used or that money has been lost.
If you think your email could have been hijacked or your details used elsewhere, contact us at 661-263-4442