Hackers are not always the brightest bulbs in the box. Their success depends more on you making mistakes than almost anything else. When they hack or spoof an email account, you’re dependent on your friends and associates to tip you off. Then, it’s up to you to resolve the problem as soon as you can. Here’s how our client handled their issue and how we handled one of our own.
Our client’s hack of their Comcast email started off simply enough. Hackers got their address book and sent an email to everyone asking if they used Amazon. That’s a normal start to a scam. Our client and spouse got tipped off when both got text messages from recipients – and the spouse got emails – suggesting that one of their email accounts might have been hacked.
Both of them were out of the house when they got word of the problem, but one of them was able to get home and start looking into the problem. The first thing they did was to change the password and the secondary email address used for notifications from Comcast. They also set up two-factor authentication (2FA) to the client’s cell phone number and changed the password again.
Those were two good steps to take, but there were two more surprises. First, they discovered that the hackers had set up an email address that they tied to the Comcast account. Our clients checked through all their accounts but didn’t see an email address that corresponded to the one set up by the hackers. They thought they were in the clear, but they hadn’t found the second surprise.
Later in the day, the client noticed they hadn’t been getting any emails on their Comcast account. They could send messages. Suspecting that a forwarding rule had been inserted by the hackers, they contacted Xfinity by telephone and after a few branches on the phone tree, they were able to speak to a security specialist. After an exhaustive security check, the specialist was able to remove the forwarding rule, securing the account.
They were fortunate that no emails involved responding to financial or healthcare websites. Had that happened, they could have been compromised. They did the right thing by changing the password, setting up 2FA, resetting the secondary email address and changing the password a second time. Those are things you can do immediately. They should have contacted Xfinity immediately after to see about any other changes and had them resolved right then and there.
Those are steps you can take if your email is hacked.
Our hack involved our QuickBooks address, and it’s typical of the problems small businesses can face. I noticed an email that looked like junk mail, so I didn’t pay much attention to it. But soon after, I took a closer look because the email address was firstname.lastname@example.org. It still didn’t seem that urgent, but it began to bother me.
So, I called QuickBooks (remember, we always urge people to pick up the phone if a problem seems bad enough) and explained what was going on. We have a merchant account. They said that hackers had set up an invalid account using the bogus email and an invalid tax ID number. It was a bare, basic account, but it was enough to raise a white-risk flag at QuickBooks. Our phone call put it on their radar screen.
This story should be on your radar screen, too. As small businesses – and even as consumers – we constantly get emails that we’ve been “approved” for something or other. We also get a lot of fake invoices that look like they’re coming from companies we do business with.
We need to be on guard against these. It’s easy to impersonate a business, and if the recipient isn’t careful, they might make a real payment to a real bank account that’s not tied to the legitimate vendor account they thought it was. As a business owner, we likely have no responsibilities or liabilities to the company or person that paid the fake invoice. HOWEVER, this is not a discussion I want to have with anybody.
At the end of the day, small businesses remain a huge target for hackers and cyber thieves. We need to depend on our own vigilance and the help of people we do business with to monitor anything that seems out of the ordinary and let someone know. I want you to let me know you got something odd from me – just like our client was tipped off about the bogus email. Any of these breaches can have serious consequences.
If you’ve been hacked in some way, take immediate steps to secure your accounts, including multiple password changes built around other security measures that you can take. Then, you can call us – 973-433-6676 – to let us know about the breach. We can help you investigate if any further damage was done and help mitigate the consequences as best as possible. If you have security questions, you can call or email us to discuss them.