You likely go to great lengths to keep your home secure, to keep all your valuables safe. But there’s another place that holds a treasure trove of valuable things: your email inbox.
Amongst all of the emails from the mailing lists you’re subscribed to, it’s a place filled with personal information, details on all your different accounts and subscriptions, maybe even stored passwords. As your personal inbox, it’s a place where confidential details likely flow freely.
So what happens if someone sneaks in and starts rummaging around? That's exactly what an email compromise attack is: a digital break-in where cybercriminals gain access to your inbox and wreak havoc.
How does an email compromise happen?
How to avoid an email break-in
1. Multi-factor authentication (MFA)
One of the most effective ways to protect online accounts such as your email from cyber criminals is through MFA, a two-step verification to verify your identity and add an additional layer of security. But scarily, according to Cyber Wardens research, only 46% of small businesses are protecting their email accounts with MFA.
So make sure you switch MFA on for your email account. It could be a code sent to your phone, a fingerprint scan, or even a separate app where you need to verify your identity. This extra hurdle might mean it takes slightly longer to access your emails sometimes, but it also makes it much harder for cyber criminals to break in, even if they steal your password.
2. Create a strong password
Speaking of passwords, how strong is yours? Do you use the same password for multiple accounts? Weak or repeated passwords are like flimsy locks—easy to pick.
To strengthen your passwords, try using strong passphrases (think a long sentence you can easily remember) and consider using a password manager.
3. Keep passwords to yourself
Another big security risk? Sharing passwords. Let’s be honest, particularly in small businesses it’s tempting to have a central list everyone can access. But sharing passwords is like giving everyone a copy of your house key. The Cyber Wardens report found that only 6 in 10 (61%) small business owners currently provide each employee with their own login and password, which creates a major vulnerability.
The best practice? Unique logins and passwords for every employee. This way, if one password gets compromised, the damage is contained.
Small businesses are prime targets for email compromise attacks. By implementing MFA, using strong and unique passwords, and ditching shared password lists, you can help build a strong digital defence and keep your inbox—and your business—safe.
