Getting one of your business email accounts hacked CAN AND WILL HAPPEN without proper procedures in place. Once an account is compromised, the damage can balloon into wire transfer fraud, stolen data, and mass emails sent in your name that wreck your reputation.
So here is how to make sure your business email accounts are far less likely to be hacked.
1) Turn on 2-Factor Authentication
This is by far the most important step. Yes, turning on 2FA can be a pain, and certain users may complain that they don’t want to deal with texts or 6-digit codes when logging in, but TOO BAD because you have to turn this on.
If you don’t turn on MFA/2FA, a leaked or guessed password is all an attacker needs; it’s just a matter of by who, how bad, and when.
All major email services now provide this option, so turn it on for your whole organization. It stops the vast majority of password-guessing, credential-stuffing and reused-password attacks. One caveat: text messages and 6-digit codes can still be phished by a convincing fake login page that relays the code in real time, so an authenticator app or a security key is the better choice where users will accept it.
Office 365 – Log in to the Microsoft 365 admin center, go to Users > Active users, select Multi-factor authentication and enable it for everyone. That page is the legacy per-user MFA setting; on newer tenants Microsoft steers you to Security defaults or a Conditional Access policy instead, which achieve the same result and are the better long-term option.
Google Workspace –
- In the Admin console, go to Menu > Security > Authentication > 2-step verification.
- Check the Allow users to turn on 2-Step Verification box.
- Under Enforcement, select On.
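Before you flip enforcement on, it helps to know who has not registered a second factor yet, because those users will be locked out (or fall back to the weakest method) the moment you enforce. The script below is an added example, not something from the original post: it uses the Microsoft Graph PowerShell SDK to list every enabled user and whether they have a real MFA method registered. It assumes the Microsoft.Graph module is installed and that you can consent to the two read-only scopes; the output file name is arbitrary.

```powershell
# Added example (not from the original post): report which Microsoft 365 users have no
# MFA method registered, using the Microsoft Graph PowerShell SDK.
# Assumes: Microsoft.Graph module installed and an admin who can consent to the scopes below.
Import-Module Microsoft.Graph.Users
Import-Module Microsoft.Graph.Identity.SignIns

Connect-MgGraph -Scopes "User.Read.All", "UserAuthenticationMethod.Read.All"

# Method types that count as a second factor. A user whose only method is
# passwordAuthenticationMethod has not set up MFA at all.
# Phone (SMS/voice) is listed because it IS a second factor, but it is the weakest one.
$strongMethods = @(
    '#microsoft.graph.microsoftAuthenticatorAuthenticationMethod',
    '#microsoft.graph.passwordlessMicrosoftAuthenticatorAuthenticationMethod',
    '#microsoft.graph.fido2AuthenticationMethod',
    '#microsoft.graph.windowsHelloForBusinessAuthenticationMethod',
    '#microsoft.graph.softwareOathAuthenticationMethod',
    '#microsoft.graph.phoneAuthenticationMethod'
)

$report = foreach ($u in Get-MgUser -All -Filter "accountEnabled eq true" -Property Id,UserPrincipalName) {
    # Each method object carries its concrete type in the @odata.type property
    $types = @(Get-MgUserAuthenticationMethod -UserId $u.Id |
               ForEach-Object { $_.AdditionalProperties['@odata.type'] })
    $hasMfa = @($types | Where-Object { $strongMethods -contains $_ }).Count -gt 0

    [pscustomobject]@{
        User     = $u.UserPrincipalName
        Methods  = ($types -replace '^#microsoft\.graph\.', '') -join ', '
        MfaReady = $hasMfa
    }
}

# Users with MfaReady = False are the ones to chase before turning enforcement on
$report | Where-Object { -not $_.MfaReady } | Format-Table -AutoSize

# Keep the full list as evidence of the rollout (file name is a placeholder)
$report | Export-Csv -Path .\mfa-registration-report.csv -NoTypeInformation
```

Run it once before enforcement to find the stragglers, and again afterwards; anyone who still shows only a password method after enforcement is a sign that a Conditional Access exclusion or a legacy-auth protocol is letting them bypass the prompt.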
2) Turn on EXTERNAL email alerts
Even with 2FA turned on, nothing stops an outsider from pretending to be someone inside your organization. Anyone can create a Gmail account and set the display name to whatever they want, including your CEO’s name. To help people spot these, turn on EXTERNAL sender alerts so that every message that did not originate inside your own email system is clearly marked as such.
Office 365 – Connect to Exchange Online PowerShell and run: Set-ExternalInOutlook -Enabled $true
Google Workspace –
- In the Admin console, go to Menu > Apps > Google Workspace > Gmail > End User Access.
- Scroll to Warn for external recipients and turn it on. Note that this particular setting warns users when they are about to send to an address outside your domain; for incoming mail, Gmail labels messages from outside your organization as External on its own.
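For Office 365 the one-liner above is the whole job, but in practice you will also want to exempt a trusted partner domain and to cover mail clients that do not render Outlook’s External tag. The script below is an added example, not from the original post: it checks the current state, enables the tag with an allow list, and adds a mail flow (transport) rule that prepends [EXTERNAL] to the subject of inbound mail from outside the tenant. It assumes the ExchangeOnlineManagement module and an Exchange admin role; partner.example.com and the rule name are placeholders.

```powershell
# Added example (not from the original post): enable the Outlook "External" sender tag in
# Exchange Online, exempt a trusted partner domain, and add a transport rule that stamps the
# subject line for clients that do not show the tag.
# Assumes: ExchangeOnlineManagement module installed, Exchange admin role.
# partner.example.com and the rule name are placeholders.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

# Record the current state before changing anything
Get-ExternalInOutlook | Format-List Identity, Enabled, AllowList

# Turn the tag on. AllowList holds domains or addresses you do NOT want tagged,
# e.g. a partner that sends on your behalf.
Set-ExternalInOutlook -Enabled $true -AllowList @("partner.example.com")

# Belt-and-braces: a mail flow rule that prepends [EXTERNAL] to the subject of
# messages coming from outside the organization to internal recipients.
$ruleName = "Tag external senders"
if (-not (Get-TransportRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name $ruleName `
        -FromScope NotInOrganization `
        -SentToScope InOrganization `
        -ExceptIfSenderDomainIs "partner.example.com" `
        -PrependSubject "[EXTERNAL] " `
        -Comments "Warns users that a message came from outside the tenant"
}

# Confirm the rule is in place and enabled
Get-TransportRule -Identity $ruleName | Format-List Name, State, FromScope, SentToScope, PrependSubject

Disconnect-ExchangeOnline -Confirm:$false
```

Keep the allow list short: every domain on it is a domain whose spoofed lookalike will arrive untagged, so add only senders you have verified and revisit the list when partners change.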
3) Purchase Spam Filtering Services
Most email services have a built-in spam filter, but it works as a rudimentary catch-all. Much like a basic antivirus catches only well-known viruses, built-in spam filters reliably stop bulk spam and known-bad senders while letting targeted phishing through.
You can create custom rules in Office 365 and Google Workspace or you can purchase advanced 3rd party services like HornetSecurity, Spambrella, and SpamTitan
These services offer more advanced link filtering and attachment sandboxing, can block outbound mail from an account that has been compromised, and make it easy to maintain company-wide ALLOW and BLOCK lists.
4) Setup Additional Security & Alerting
You can get proactive with Office 365 & Google Workspace and set up alerts that notify you when accounts are being targeted.
If a bot or an attacker guesses a password correctly but fails at the 2FA step, that password is now known to someone outside your organization. Set up an alert for this so that admins can reset the password before the attacker finds a way around the second factor.
You can also create alerts for repeated failed sign-in attempts, for any account that sets up a forwarding rule (a classic symptom of a hacked email account), for someone sending a mass email, and for messages that trigger certain keywords.
Office 365 – Log in to the Microsoft 365 Defender portal, go to Email & collaboration > Policies & rules > Alert policy, turn on the applicable policies and set the email notifications to go to your IT admins.
Google Workspace –
- In the Admin console, go to Menu > Rules.
- Click a rule to open the Rule details page.
- Click the Actions panel.
- If the Alerts option is present, make sure the alert is turned On and choose a default severity level.
- Under Send email notifications, you can select All super administrators and also click Add email recipients to add multiple recipients from the list of users in your domain.
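Alert policies tell you about new forwarding rules going forward; they do not tell you about the ones an attacker created last month. The script below is an added example, not from the original post: it sweeps every user mailbox in Exchange Online for mailbox-level forwarding and for inbox rules that forward, redirect or silently delete mail, then closes the hole tenant-wide by disabling automatic forwarding to external domains. It assumes the ExchangeOnlineManagement module and an Exchange admin role, and that you have already confirmed no legitimate business process depends on auto-forwarding to an outside address.

```powershell
# Added example (not from the original post): hunt for forwarding set up on Exchange Online
# mailboxes, then disable automatic external forwarding for the whole tenant.
# Assumes: ExchangeOnlineManagement module installed, Exchange admin role, and that you have
# checked no legitimate workflow relies on auto-forwarding to an external address.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

$mailboxes = Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox

# 1. Mailbox-level forwarding (set by an admin, or by an attacker with admin rights)
Write-Host "== Mailbox-level forwarding =="
$mailboxes |
    Where-Object { $_.ForwardingSmtpAddress -or $_.ForwardingAddress } |
    Select-Object UserPrincipalName, ForwardingSmtpAddress, ForwardingAddress, DeliverToMailboxAndForward |
    Format-Table -AutoSize

# 2. Inbox rules that forward, redirect or delete. These are what a phished account
#    usually ends up with: copy everything to an outside address and delete the
#    "your password was changed" notices so the victim never sees them.
Write-Host "== Suspicious inbox rules =="
$findings = foreach ($mbx in $mailboxes) {
    Get-InboxRule -Mailbox $mbx.UserPrincipalName -ErrorAction SilentlyContinue |
        Where-Object { $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or $_.DeleteMessage } |
        ForEach-Object {
            [pscustomobject]@{
                Mailbox   = $mbx.UserPrincipalName
                Rule      = $_.Name
                Enabled   = $_.Enabled
                SendsTo   = (@($_.ForwardTo) + @($_.ForwardAsAttachmentTo) + @($_.RedirectTo)) -join '; '
                Deletes   = $_.DeleteMessage
            }
        }
}
$findings | Format-Table -AutoSize
$findings | Export-Csv -Path .\inbox-rule-findings.csv -NoTypeInformation   # file name is a placeholder

# 3. Close the hole at the tenant edge: stop mail being auto-forwarded outside the
#    organization regardless of what rules individual users (or attackers) create.
Set-HostedOutboundSpamFilterPolicy -Identity Default -AutoForwardingMode Off
Set-RemoteDomain -Identity Default -AutoForwardEnabled $false

Disconnect-ExchangeOnline -Confirm:$false
```

Treat every row in the findings list as an incident until the mailbox owner confirms they created the rule themselves; a rule with a one-character name, or one that forwards to a free webmail address and also deletes messages, almost never has an innocent explanation. Reset the password, revoke sessions and remove the rule in that order.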
If you need help with email security please reach out to the experts at LME Services