Office 365 has become a big target for hackers due to it being used by thousands of businesses. We have seen an increase over the past few years of Man-in-the-Middle (MitM) attack attempts on our clients. In these types of security breaches the bad guys monitor hacked accounts (sometimes for months) looking for an opportunity to impersonate the real account user. Examples of the devastating outcomes of such attacks can be found HERE, HERE, HERE, and HERE.
If you have Office 365 you can use the below steps to do a quick check to see if you have any of the common signs of a MitM attack. Other email services will have similar menu options.
Remember, it is always good practice to change your password at regular intervals throughout the year. Just make sure your password is secure.
Go to http://outlook.office.com and sign in with your Office 365 credentials.
Step 1 – Click on the gear icon in upper right.
Step 2 – Click on the gear icon in upper right and then View all Outlook settings.
Step 3 – Select Mail
Step 4 – Select Rules. If you see any rules that you did not set up notify your IT department. A common rule that hackers use are moving items from your inbox to other folders such as Archive, Trash, and Junk. If you make any changes make sure to save them.
Step 5 – Select Forwarding. If you see mail going to an unknown email address that is a good sign your account has been compromised. If you make any changes make sure to save them.
Every attack profile is different and even if your account looks good always assume the treat is there. Your IT department can help minimize the risk through a combination of user training, Office 365 settings, and standard security software. Wireguided is always here to assist your organization in all matters of security. Our services include anti-phishing training, incident response, disaster recovery, and security infrastructure design.