Why is email security important?
If someone gains unauthorised access to, or impersonates your email account, they can intercept or gain access to your private communications. This could result in fraud, with cybercriminals intercepting financial transactions such as invoices. Cybercriminals will use email to abuse trust in business processes to scam organisations out of money or goods. This type of email attack is often referred to as business email compromise (BEC).
The ACSC Annual Cyber Threat Report 2020-21 puts self-reported losses for business email compromise at $81.45 million for the 2020-21 financial year. In the same period, business email compromise made up nearly 7% of all cybercrime reports.
Cybercriminals could also use your email to convince others to click on malicious links, open malware attachments, or share sensitive information.
What to look for
There are some common things you can look for to see if someone else has accessed your email account:
-
You cannot access your email as the password is incorrect
-
There are strange emails in your sent folder
-
You receive unexpected password reset notifications
-
You notice sign ins from unusual IP addresses, devices, and/or browsers
In some cases however, you may not realise that your email account has been compromised until one of your contacts flags suspicious emails coming from your account.
Our practical guides
Preventing business email compromise
There are many easy steps and actions you can take now to protect your business. Learn about the simple, cost-effective and immediately beneficial protective measures you can implement.
Protect Yourself: Multi-Factor Authentication
Multi-factor authentication (MFA) is when you use two or more different types of actions to verify your identity.
Review your email account security
How to check your email account security for Gmail and Outlook.
What to do if your business email has been compromised or attacked
Find out what to do if you or your business has fallen victim to a cyber attack.