One of the most common ways for hackers to attack any individual or company is through email. And once a hacker gains access to your email, they can often gain access to many other parts of your business. So locking down your email with appropriate modern security measures is a very easy and powerful step in preventing an initial breach. But unless you know about these hacks and how they work, and the simple email security settings you can change to help prevent them, your business might be vulnerable.
The Old Way of Trying To Hack Your Email
Hackers are getting smarter all the time. So as a defense is created for their latest methods, they invent new methods that end up being more successful. Typically, if someone wanted to hack your email, they would try a long list of potential passwords -- including your birth year, children’s names, common words used in passwords (like “password”) and more -- repeated until they found one that worked.
So the defense against that was to develop protocols that locked out an IP address or an account from being accessed for a certain amount of time if a login failed more than a few times. So after a small number of failed attempts, the hacker would be locked out.
How Hackers Changed Their Approach
So how did the hackers get around this lockout problem? They invented a new technique called “password spraying,” and it goes like this. Rather than trying several passwords on one email account, the hackers try one common password (such as “Password123”) on thousands of email accounts. Once they’ve tried it on all the email accounts in their list, they move onto another common password (like “qwerty” or “123456” or “iloveyou”) and try that one on the same list of email accounts. Then the next common password, and so on and so on.
By attempting just one login per account before coming back hours or days later to try another password, the hackers never get locked out. And that means that the hackers can attempt to breach far more accounts in a given amount of time than with their older methods.
So What Is The Legacy Security Hole?
So what is the legacy security hole that allows this kind of behavior? Actually, there are a few. First are two outdated email protocols -- IMAP and POP3 -- that use simple login methods. While the most common email systems like Microsoft Exchange (on-premise and hosted versions) and Gmail have their own proprietary login and communication protocols, millions of admins and users have opened up IMAP and POP3 access to their email boxes to support a legacy device or just because that is what they are used to using.
These legacy email protocols have far lower security standards than most modern email servers’ proprietary protocols.
What kinds of security standards?
Modern email servers often have options for Multi-Factor authentication. You’ve seen this before when you log into your bank for the first time from a new computer. You not only need to supply your password, but you also need to enter a code after it is sent to your cellphone via SMS.
How To Defend Yourself Against Password Spraying?
Defending yourself is fairly simple and can be done in just a few minutes. Follow these simple steps to make a password spraying attack nearly impossible:
- Change your password to something complex.
No more common passwords, baby names, favorite holidays, birthdates or other predictable passwords for you. From now on, create only long passwords with upper and lower case letters, numbers and punctuation.
- Disable IMAP and POP3.
There is little reason these days to continue using these outdated protocols. Turn them off as quickly as you can.
- Turn On Multi-Factor Authentication
It may be an inconvenience at first, but you’ll soon learn that this one choice will keep your email box safe.
Defending Yourself Against Other Threats To Your Business
Of course, someone gaining access to your email isn’t the only way that threats can attack you via email. Viruses, trojans, ransomware and other malware all can be delivered via email. And Phishing could be an even worse threat. If you would like to protect yourself from all the cyber dangers that threaten your business daily, let’s talk. We have methods to protect you and your business that go way beyond the simple antivirus solutions that most IT companies might offer you. Contact us online today, or call us at 818-913-1335.