In the last 20 years email has transformed the way we do business, although numerous sources are saying that email is dead it clearly isn’t and for many businesses email is their life blood, unfortunately therein lies the problem as Cyber Criminals know that. 
 
2020 has been a trying year for many with #Covid19 and the growth of Cyber Crime has been dramatic, this recent article from Interpol shows in detail just how much the pandemic has assisted Cyber Criminals grow their business, especially considering this statement from Jurgen Stock, Interpol Secretary General 
 
 
Although there are many scams to be concerned about with email: - 
 
Phishing 
Disruptive Malware 
Data Harvesting Malware 
Malicious Domains 
Misinformation 
 
There is one that will be overlooked and could be considered one of the most demonstrative, what is it - A simple Auto forward. 
 
Let’s Explain 
 
The auto forward scam works like this: - 
 
We all know that many people have poor passwords. 
Cyber Criminals will obtain users email accounts/passwords. 
The users email account gets hacked/compromised. 
Eventually the user notices that their email has been hacked. 
The first thing the user does is change the password. 
 
Problem solved right? No, why? 
 
Many fail to check that the Cyber Criminals have setup an Auto Forward rule on their email account. The consequences of this are very simple, all of the users email will be forwarded without any notification to an alternative email account, an account that will be controlled by the Cyber Criminals allowing them to Listen, Learn, Manipulate and Act on all of the emails that that user receives, which could include:- 
 
Password resets. 
Financial Information. 
Holiday bookings. 
Sensitive Work data. 
Sensitive personal data. 
Etc. 
 
Its is very clear that any of the above information will be highly beneficial to Cyber Criminals and the ramifications could be extensive unless the problem is stemmed rapidly. 
 
What should you do? 
 
Our recommendation would always be to ensure good email account practices and ensure the following as an absolute minimum: - 
 
Always use a strong password. 
Implement 2 factor authentication where you can on all accounts, otherwise change your passwords at regular intervals. 
Regularly check the rules that exist in your email account. 
Delete any rules that you do not recognise as a matter of urgency. 
 
 
Our Solution... 
 
At JCBcs we recommend our Cyber Vulnerability Review which will identify and correct any cyber vulnerabilities that you may have. 
Our Cyber Vulnerability Review is part of or our comprehensive GDPR/Cyber Consultancy which ensures that your business follows a correct & tailored Compliance Journey keeping you safe from Cyber Crime. 
 
GIVE US A SHOUT 
Use the form below to drop us an email. Old-Fashioned phone calls work to ~ 02890 022344 
Share this post:

Leave a comment: 

Our site uses cookies. For more information, see our cookie policy. Accept cookies and close
Reject cookies Manage settings