« Back to Blog

My Email was Compromised, Now What?

By Jorge Rodriguez
Oct 31, 2018

Is there any company that doesn’t use email out there? Probably not, right? This is because email is a standard in pretty much every organization across the globe. Email is typically the primary way that businesses communicate with employees and customers in real-time. If you use your email for other things such as subscriptions to news or for apps that require an email address to get set up, you probably also get flooded with several marketing emails from those companies.

Because we do this, it is really easy to get hundreds of emails a day. Some may be things that you are interested in and others may be something that you automatically trash without even opening it. You may even open the message to find an unsubscribe button or mark it as spam.

Now, if this is your work email, you more than likely read all your emails since you do not want to miss an important communication with a potential client or even your boss. This is something hackers are fully aware of and find tricks to get you to open emails and have you click on things that can potentially harm the business. This type of cyber crime is called, phishing. Hackers are no longer sending emails from “royalty” in other countries asking to send money and they will pay you back with interest. Hackers are now disguising themselves as customers or even your boss! If an email is from someone and that person claims they never sent you that email, there is a possibility that the real email address was “spoofed.” This is a clever trick that is done because hackers still depend on the human error factor to penetrate a company’s infrastructure.

Scary, huh? Well, there is no need to panic. There are a few tips and tricks that you can do to help mitigate or altogether prevent damage or business interruption caused by phishing or spoofing.

How can your business prevent attacks like phishing or spoofing?

First, training your employees and teams on how to recognize phishing attempts will only work if the fake emails look different from trusted emails. Some things to first recognize are:

These are things that should raise suspicion when received. That last point is quite common since most individuals do not thoroughly inspect the email address. Hackers usually have a misspelled domain but at a glance looks legit. An example would be from “jorge@jungledsk.com” versus “jorge@jungledisk.com.” You can see that at a quick glance these two email addresses look the same but a closer look will show the first is missing a letter.

Just like everything else though, you can prep and train all you want, but what if you become a victim of a phishing attempt? What should you do? Are your contacts asking you why you sent them an email that you are sure you did not send? Here are some recommendations on what to do if your email is compromised:

Change your password

Report the incident

Reach out

Scan your computer

Hackers are becoming more and more sophisticated as the years come by. Just like you have your guard up when you know something doesn’t feel right in your day to day activities, we need to have that same awareness and be just as observant in the cyber world.