Secure Your Email

Email continues to be the most vulnerable link in your security chain. Ninety-six percent of all phishing attacks use email, and some three billion emails are launched daily. Phishing can cost businesses $26 billion annually. The more email accounts you have, the more vulnerable you are.

One of our clients had six email accounts, all of them created for a variety of legitimate reasons. The problem is that it meant they had to guard six doors against intruders. That’s worrisome enough, but if you use multiple email clients, such as Outlook and Gmail, you need to deploy your security measures in line with each client.

Google’s Gmail has a particular vulnerability. According to a report from Malwarebytes, Russian hackers were able to bypass Google’s multi-factor authentication (MFA) in Gmail to pull off targeted attacks. They did it by posing as US Department of State officials in advanced social engineering attacks, building a rapport with their target, and then persuading them to create app-specific passwords (app passwords). App passwords are special 16-digit codes that Google generates to allow certain apps or devices to access your Google Account securely, especially when you have MFA enabled.

Outlook faces several significant security challenges, including vulnerabilities that allow for remote code execution, phishing attacks, and the potential for credential theft. These vulnerabilities can lead to data breaches, unauthorized access, and the spread of malware.

Here’s how to strengthen your defenses.

  • Only use app passwords when absolutely necessary. Switch to apps and devices that support more secure sign-in methods whenever you can.
  • Authenticator apps, such as Microsoft Authenticator, or hardware security keys (FIDO2/WebAuthn), are more resistant to attacks than SMS-based codes.
  • Stay up to date on phishing attempts. Attackers often bypass MFA by tricking users into revealing credentials or app passwords.
  • Keep an eye on unusual login attempts or suspicious behavior, such as logins from unfamiliar locations or devices. Limit those logins where possible.
  • Regularly update your operating system and the apps you use to patch security vulnerabilities.
  • Enable automatic updates whenever possible so you don’t have to remember them yourself.
  • Use security software that can block malicious domains and recognize scams.

When it comes to SMS-based codes, we want to emphasize one particular vulnerability: SIM swapping. It’s one of the internet security industry’s biggest worries.

It’s undetectable and it works like this:

  • A hacker puts your mobile phone number on a SIM card installed in their own phone.
  • Using their phone, they get your authentication code, which gives them access to a website or email account.

Despite this vulnerability, SMS-based codes are better than nothing. At a recent training seminar, we learned that many people don’t use any kind of 2FA or MFA methods at all. That is totally unacceptable.

We can help you – and your employees and family members – set up better security measures on all apps and devices. Call us – 973-433-6676 – or email us to discuss your needs and develop an action plan.

Quarantined Messages and Email Security

You may be getting emails from Microsoft about quarantined messages and wondering what’s going on. The short explanation is that Microsoft’s email filters are getting better and that the company is trying to protect you from harmful attachments and links that can compromise your tech system’s integrity.

We typically don’t know about a message we haven’t seen until the sender contacts us because we haven’t responded to them. In today’s age of more sophisticated phishing campaigns, deep fakes, and more malicious code, we rely on our email systems, such as Outlook and Gmail, to protect us from ourselves with stronger filters. Too many people are careless about opening attachments or clicking links that lead to scams. Even the most careful person can fall victim to clicking on something they shouldn’t. So, Microsoft makes you take an extra step or two in hopes you will slow down and give more thought to the action the sender wants you to take.

It used to be enough to check your spam or junk mail folder in Outlook, and it’s still important with the New Outlook. As filters get more robust, more messages get diverted there, but, as the commercials say, wait, there’s more. You are likely getting messages from Microsoft that they have quarantined messages based on their parameters for determining if a message may be part of a phishing campaign or has a malicious link or attachment.

If you have Office 365, you won’t be able to access the quarantined message in your inbox. Instead, you’ll get a message with the following information for each quarantined message:

  • Sender: The email address of the sender of the quarantined message.
  • Subject: The Subject line of the quarantined message.
  • Date: The date/time that the message was quarantined in UTC.

You’ll also get a link. If you don’t understand what’s going on, you probably feel safer just deleting the message with the link. However, because the filters are more robust – based on an array of factors – you could miss a useful or important message.

Individuals and office administrators who use Office 365 as a web app can find their quarantined messages by clicking on this link: https://security.microsoft.com/quarantine?viewid=Email. It takes you to a Microsoft Defender page where you will see who each message was from and why it was quarantined. Messages are held there for 30 days. During that time, you can release a message, which will send it to your inbox, where you can open it and decide what you want to do. You can also delete a message directly from the quarantine page. We recommend you bookmark this link.

Of course, these security measures put an onus on senders, especially those who legitimately send bulk email, to ensure their DNS records are up to date and follow accepted anti-spam policies for outgoing mail.

We can help you by reviewing your incoming and outgoing email settings to maximize your security and email handling efficiency. Call us – 973-433-6676 – or email us to talk about it.

Manage Your Email to Avoid a Scam

As more businesses are bought and merged, it’s more important than ever to pay attention to email accounts for all the entities involved. We’re finding “sleeper agents” hiding in neglected accounts, and they’re waking up to bite hard.

In a recent case, a client bought a business a few years ago and set up a number of special email accounts to help manage the transition and keep tabs on things going forward. The only problem is that going forward, they did not monitor those emails – and the account – so they didn’t realize their system was compromised.

They did notice irregular financial dealings in a bank account, and they went to the bank to change the account and the associated online password. But the person who had infiltrated their system still had access to all the email notifications, rendering each system fix ineffective. It took some heart-to-heart conversations with our client to get to the root of the problem and then fix it.

We needed strong passwords on every online and email account they had, but with a mole inside the system, that wasn’t enough. There are two more steps you need to take to tighten your system.

The first step is to set up two-factor authentication (2FA) for every account. Yes, it is a pain to wait to complete a secondary step, but it works. We find a text connected to a cell phone is effective because whoever is accessing the account has the cell phone nearby, and you know the verification code is going to the right person. The chances of the text message being intercepted are extremely remote.

The second step is to manage your email more effectively – and that calls for more than just checking it frequently. Whether it’s at the office or home, many email accounts have – or can have – a secondary email associated with each account. Please don’t leave it blank. That’s the door a hacker uses to get in. When you change the password, go into the profile for the user and reset or start using the secondary email account. At the same time, reset the rules for managing each account. The hackers had email forwarded to an account they could monitor, which let them stay up to date on all the changes our client made.

For both online and email accounts, you need to check each user’s profile information regularly. That’s where we can help. We can check or tell you where to look to see if anyone has electronically “jimmied” open a window to your system and help you take more protective measures. As businesses and consumers, we depend more and more on electronic payment systems to pay our bills and have our invoices paid accurately and on a timely basis.
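
The profile checks described above (2FA on every account, a secondary email that is not blank, rules that forward mail outside the business, and accounts nobody is watching) can be run over an export of account records. The Python below is an added example, not part of the original article; the record fields, domains, threshold and sample data are constructed assumptions, not any mail provider's schema.

```python
import json

# Constructed sample data. Field names are assumptions for this example,
# not any mail provider's export schema.
OWNED_DOMAINS = {"example.com", "acquired.example"}
STALE_AFTER_DAYS = 90  # assumed threshold for "nobody is watching this account"

SAMPLE_EXPORT = json.loads("""
[
  {"address": "owner@example.com", "two_factor": true,
   "recovery_email": "it-admin@example.com", "days_since_owner_login": 1,
   "rules": [{"name": "Newsletters", "forward_to": []}]},
  {"address": "transition@acquired.example", "two_factor": false,
   "recovery_email": "", "days_since_owner_login": 412,
   "rules": [{"name": "Bank notices", "forward_to": ["watcher@mailbox.invalid"]}]},
  {"address": "billing@example.com", "two_factor": true,
   "recovery_email": "it-admin@example.com", "days_since_owner_login": 3,
   "rules": [{"name": "Copy to bookkeeper", "forward_to": ["books@example.com"]}]}
]
""")

def is_external(address, owned_domains):
    """True when the address is outside the domains the business controls."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    return domain not in owned_domains

def audit_account(account, owned_domains=OWNED_DOMAINS):
    """Return a list of findings for one account record."""
    findings = []
    if not account.get("two_factor"):
        findings.append("2FA is not enabled")
    if not (account.get("recovery_email") or "").strip():
        findings.append("secondary (recovery) email is blank")
    if account.get("days_since_owner_login", 0) > STALE_AFTER_DAYS:
        findings.append("account looks unmonitored")
    for rule in account.get("rules", []):
        for target in rule.get("forward_to", []):
            if is_external(target, owned_domains):
                findings.append(f"rule '{rule['name']}' forwards to {target}")
    return findings

def audit_all(accounts):
    """Map each address with at least one finding to its findings."""
    report = {a["address"]: audit_account(a) for a in accounts}
    return {addr: f for addr, f in report.items() if f}

if __name__ == "__main__":
    for addr, findings in audit_all(SAMPLE_EXPORT).items():
        print(addr, "->", "; ".join(findings))
```

An internal forward such as the bookkeeper copy passes, while the neglected transition account is reported for all four conditions.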

Call us – 973-433-6676 – or email us to talk about your concerns and to schedule an assessment and a remediation plan – if needed. It’s your money, and if a scammer gets it, you likely will never get it back.