I have seen it all too often.
A user goes to work and either comes in to the office to check their email or looks at their phone beforehand and oh no….they see a bunch of emails from their contacts all asking the same thing. “Why are you sending this to me? Dude you have been hacked!”
It is more than likely your account has been compromised by a bad actor who is using your account to send out dozens if not hundreds of phishing emails out to all of your contacts hoping to get a bite (click) on a malicious attachment.
If you are part of a large organization, IT probably has been notified and are already taking steps to mitigate the damage. But what if you are a small company or an individual? If you use Office 365 as your email platform you can do these 5 things.
Disable the Account From Sending mail
If you are an individual you really can’t do this so quickly move to the next step. If you run your own O365 tenant please do this (https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-worldwide).
Change the Password Right Away to Something More Secure
To do this please follow one of my older blog articles (https://www.cayville.ca/how-to-create-a-strong-password-in-5-steps-especially-when-you-are-lazy/)
Enable MFA on the Account
Also, please visit one of my other blog articles (https://www.cayville.ca/using-mfa-why-should-you-care/)
Check If There are any odd Mail Rules for the Account
You need to make sure the hackers haven’t set up any forwarding rules that sends email to them (Instructions Here)
Disable Email forwarding for the whole Organization
This is a good security measure for many reasons. To add to the reason above it is good to disable it. That way, it can’t be used. You don’t want a disgruntled user to be forwarding email to another account that they could be using for malicious reasons against their soon to be ex-employer (https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-worldwide).
Following these steps will mitigate the damage and help you keep safe.