Why is email security important?
If someone gains unauthorised access to, or impersonates your email account, they can intercept or gain access to your private communications. This could result in fraud, with cybercriminals intercepting financial transactions such as invoices. Cybercriminals will use email to abuse trust in business processes to scam organisations out of money or goods. This type of email attack is often referred to as business email compromise (BEC).
The Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) Annual Cyber Threat Report 2020-21 puts self-reported losses for business email compromise at $81.45 million for the 2020-21 financial year. In the same period, business email compromise made up nearly 7% of all cybercrime reports.
Cybercriminals could also use your email to convince others to click on malicious links, open malware attachments, or share sensitive information.
What to look for
There are some common things you can look for to see if someone else has accessed your email account:
You cannot access your email as the password is incorrect.
There are strange emails in your sent folder.
You receive unexpected password reset notifications.
You notice sign ins from unusual IP addresses, devices, and/or browsers.
Emails have been deleted or moved to different folders.
In some cases however, you may not realise that your email account has been compromised until one of your contacts flags suspicious emails coming from your account.
Our practical guides
Preventing business email compromise
There are many easy steps and actions you can take now to protect your business. Learn about the simple, cost-effective and immediately beneficial protective measures you can implement.
Report and recover from business email compromise
Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Review your email account security
How to check your email account security for Gmail and Outlook.