One of the areas where most companies and individuals are least secure against cyberheists is through their email use. Since your email is hosted by someone else and can be accessed from all over the world, increasing your security is a little more complicated than it is for your internal systems. It requires stricter policies regarding email use and more vigilant verification of use.
This issue was brought to light recently when an anonymous American company lost $15 million dollars in a cyberheist. The cyberheist was enacted through their email and took over two months of work before the money was stolen. The cyberheist is notable because it was not the result of spam or malware, but rather a criminal gaining unauthorized and unnoticed access to one of the company’s employee’s email accounts and very carefully using that to their advantage.
Ariel Parnes of Mitiga helped the FBI investigate the cyberheist and reported on the process. The criminal used legitimate Office 365 email accounts and GoDaddy domain names to send communications back and forth so that anyone analyzing the activity would not notice anything out of the ordinary. They also established forwarding rules so that the email account’s owner would not notice that someone else was using their account.
This email workaround, done entirely using normal systems available in all email accounts, ended up in $15 million dollars being wired away from the company and eventually moved to a foreign account where it has not been found since. Ariel Parnes, when asked how to help prevent against other email attacks happening, offered these 12 ways to make your email safer against cyberheists:
- Enable multi-factor authentication
- Ensure that your employees are changing their passwords regularly, at least every 90 days
- Block email auto-forwarding
- Check regularly for hidden folders stored inside of inboxes
- Block POP, IMAP, SMTP1, and other legacy email protocols that have the ability to bypass multi-factor authentication
- Make sure that any changes to email settings are logged and kept for 90 days
- Set up alerts for unusual email activities, including log-ins from foreign countries
- Check your server logs for email access that was out of the ordinary hours and locations
- Consider investing in using a domain management service
- Make sure all employees know your specific policies for wire transactions
- Require both phone and email authentications to process wire transactions
- Require signatures for wire transactions and verify yourself they are correct
If you are a victim of a cyberheist, you need to act quickly in order to recover your stolen assets. At Stolen Asset Recovery Network, we work around the clock to help victims of cyberheists. Contact Stolen Asset Recovery Network today to get the help you need! We offer swift action on a global scale to combat cyber crimes.
STARnet
Latest posts by STARnet (see all)
- Recognizing & Combating Financial Fraud - September 15, 2023