Hacking corporate email accounts is becoming an alarmingly popular pastime with cybercriminals these days, so we'd like to offer some simple advice if you get affected.
You'll know if your account has been compromised because a number of – if not all – people in the organisation will start to receive spam emails from one or more anonymous addresses. Clearly this is a criminal activity, and the spammers should be pursued and closed down. However, that will not provide an immediate fix to the issue.
Our advice is to act without delay, and take a few simple precautions:
– Change your email address subtly to a new one, for example john.smith@ to john.smith1@ Unfortunately, you'll need to tell all of your contacts that you've done this, but it does mean that your compromised address won't be used (or spammed) any more, so it's worth the effort.
– Block emails from either the individual address that's spamming you – or all addresses from the domain.
– Delete any emails you receive from the anonymous email address.
– Do not open attachments on suspicious or unsolicited emails.
– Change your passwords in case they have also been compromised, and use different passwords between different websites (see our advice on choosing and using passwords).
– Attempt to set up an automatic internet search such as Google Alerts, and report if your email address is published online elsewhere.
– Ensure you have the latest version of your antivirus and antispyware software loaded and switched on.