Cyber Alert
The following warning was issued on 02/07/2018 by the market leading CFC Underwriting and is worth consideration if you are using Office 365:
Web-based Corporate Email Compromises Rapidly Increasing
The CFC Incident Response team has seen a surge in cybercrime against corporate web-based email accounts, like Office 365. Criminals compromise corporate email accounts by reusing credentials from well-known public data breaches to guess employee passwords.
Once they have access, they use these accounts to perpetrate funds transfer fraud and send malicious emails. Recent cyber claims made to CFC indicate that even strong or complex passwords are often not enough to protect employee email accounts from compromise.
Enable Multi-Factor Authentication to Prevent Email Compromise
Multi-factor authentication can improve the security of web-based email accounts by requiring an additional verification step for any external connection to email (for example: a code generated by a mobile app or through an SMS message). Most email systems provide multi-factor authentication and will allow users to establish ‘trusted devices’ to reduce the inconvenience of entering a code every time they log in. CFC encourages all clients to consider implementing multi-factor authentication to improve the security of their web-based emails systems.
Additionally, it is critical that IT administrators enable the right logging in the event that your mailbox is compromised as it can help you determine if attackers have compromised your private data. Properly configured, email systems such as Office 365 even allow you to set up alerts in the event certain security conditions are met which can help you quickly catch the attacker.
Additional Resources:
If you are using Office 365 for your business, you can find more information about enabling multi-factor authentication at no cost from Microsoft’s web site here. In addition, you can find information on how to enable mailbox auditing in Office 365 here. Lastly, Office 365 has a page for assessing how secure your configuration is, called the Secure Score, which is available here.