Compromized E-mails Grow as Hackers Double Down on Employees’ Bad Clicks

  by    0   0
As the cyber threat spreads its tentacles, a new report sheds light on a rising risk, with the number of business e-mail compromises growing at an increasing rate. The report by Beazley Breach Response Services, part of specialist insurer Beazley P.L.C., found that the e-mail threat is greater for organizations that use Office 365, Microsoft’s cloud-based package of popular software like Word, Excel and Outlook, the e-mail platform. The study found that hack and malware breaches via Office 365 accounted for 13% of incidents during the first quarter of 2018. The report should set off alarm bells at all organizations since e-mail is central to how we get business done these days. Financial services, health care and professional services are the top sectors targeted by attempts to compromise e-mail as a way to gain entry into an organization’s systems.   What’s happening? Employees are usually the weakest link in an organization’s chain. Anybody with e-mail in an organization can let in hacks and malware by clicking on a link in a phishing e-mail, but also on a HelpDesk message or Microsoft survey. Once they click on these links, the employee is directed to a website that appears legitimate, with the Microsoft logo and a general “look” that mimics the company’s own website. There they are asked for e-mail credentials, including a password. Once those details are supplied, the malware does its stuff and infects the system or the hacker starts harvesting the user’s credentials and logs into the mailbox undetected.   What happens when hackers gain access to e-mail? After getting access, hackers can:
  • Run searches to steal personally identifiable information.
  • Steal bank information to send e-mails requesting fraudulent wire transfers.
  • Search the inbox to determine what HR and benefits self-service portal the employer uses, and then request a password reset for the user in that system. Once in the self-service portal, the attacker redirects the employee’s paycheck to one of their accounts.
  • Send spam e-mails to all of the user’s contacts in an attempt to get others to give up their credentials as well.
  The top two causes of data breaches reported to Beazley Breach Response Services were hack or malware (42%) and accidental disclosure (20%). Social engineering and disclosure by insiders were the next highest causes of incident, each at 9%. Other threats that also gain entry when employees click on bad links are ransomware that can shut down an organization’s entire system. Hackers then demand a ransom to unlock it.   What you can do There are a number of simple ways to thwart infiltrators:
  • Change passwords regularly
  • Have dual-factor authentication
  • Remove auto-forwarding or auto-delete rules
  • Teach your employees how to detect bogus-looking e-mails. If unsure, one of the best ways is to look at the sender’s full e-mail address and see if it comports with the e-mail address of a known entity, like a bank.
  Office 365 tips For organizations that use Office 365, Beazely recommends that they:
  • Require two-factor authentication for access to Office 365.
  • Use the Secure Score tool. This Microsoft tool can be used by anyone who has administrative privileges for an Office 365 subscription. It assists not just in analyzing, but also with implementing best practices regarding their Office 365 security.
  • Enforce strong password policies. Educate employees about the risks of recycling passwords for different applications.
  • Alert employees who have access to accounts-payable systems or wire transfer payments about these types of scams.
  • Train all employees to beware of phishing attempts.
  • If you use cloud-based platforms, investigate what logging is available and make sure it is enabled. For instance, if you’ve migrated from on-premises Exchange to Office 365, audit your security settings, which are reset to default settings during migration. In Office 365, you must turn on audit logging in the Security & Compliance Center.
  • Work with your cloud provider’s technical team to determine what activities are logged and ensure you have the visibility you need, for the monitoring period you need.
 


Related Posts

The New Landscape of Risk That Every Business Should Prepare For

Businesses are facing larger and larger liability claims throughout the country, driven by a number of legal trends that are resulting in bigger lawsuit awards and new risks that many companies are unprepared for. A recent study by Liberty Mutual Insurance found that the U.S. insurance industry’s liability-related payouts have been growing steadily due a […]

READ MORE →

New OSHA Deadline for Fall Protection

Slips, trips and falls are some of the leading causes of workplace injuries. They account for 20% of all workplace fatalities, disabling injuries and days away from work in general industry. The injuries and risks are so common that four of the top 10 most cited standards by OSHA are related to fall prevention. With […]

READ MORE →

Why Your Firm May Need Professional Liability Coverage

A majority of companies are leaving themselves exposed in one crucial area as they take on high-end professional services work. As more companies’ work is intangible, many firms are missing a critical element of protection for their professional services. Professional liability insurance in the past was mainly purchased by architects, accountants and lawyers, but with […]

READ MORE →

Employers Failing to Report Serious Injuries to OSHA, DOL finds

A recent federal government report has urged the Occupational Safety and Health Administration to take steps to ensure that employers report fatalities and injured worker hospitalizations. Many employers may not be aware, but in 2015 OSHA amended its severe-injury reporting rule to require that employers report the inpatient hospitalization of a single injured employee. Prior […]

READ MORE →

NLRB Moves to Restore Joint-Employer Standard

The National Labor Relations Board has issued a proposed rule that would roll back an Obama-era board decision on joint-employer status for companies that hire subcontractors or use staffing or temp agency workers. The decision by the NLRB in 2015 overturned a long-time precedent (a standard in place since 1984) that a company must have […]

READ MORE →

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top