Nobody wants to be the victim of hacking, but most people don’t know enough about hacking to prevent it. The potential damage to a home computer can be bad enough, but imagine what might happen if one of your workplace computers was infiltrated. The large-scale cyber-attacks that have been perpetrated in recent years are alarming, and it’s vital for the security of your organisation’s data that steps are taken to ensure data is stored safely.
From Phishing to Account Takeovers
Most computer and internet users are now familiar with cyber attacks such as phishing and email hacking attempts, computer viruses and ransomware. However, most people have not heard of a relatively new kind of problem, called an account takeover (ATO) attack. The ATO attack is a new variation on an old scam: the sender of the phishing email claims to be a Microsoft employee with important news about your account security, your subscription, or another important aspect of your account.
A good phisher can make an email sound just authentic enough that people who aren’t familiar with the scam will end up falling for it. And once they do, the scammer can quickly gain access to their Microsoft account and whatever data it holds.
That’s when it has the potential to get even worse. If one person in your organisation falls prey to this kind of scam, the scammer then has access to an authentic email account. They can then send out scam emails to the rest of the office—but those emails come from a genuine trusted work email address. An expert scammer can potentially gain access to highly sensitive information.
How Can You Protect Your Office 365 Account?
Avoiding hackers, malware, phishing, and other problems requires a little knowledge of Office 365 and computers, and some common sense.
Protect your password.
Don’t tell anyone what your password is, don’t write it down, and don’t choose a password that contains any personal information about you. For instance, your password shouldn’t be your name or street address, or any other information that’s specific to you.
Use two-step verification.
This is a sign-in method that makes your Office 365 account more secure. In this process, you need more than a password to sign into your account. The second step is to verify your identity using a second code that’s send to your mobile device when you use your password. Once you receive the code on your mobile, you can then enter it to log in to Office 365.
Know what hacking and scam attempts look like.
Beware of phishing attacks that attempt to trick you via email. If you get an email claiming to be from an official Microsoft or Office 365 email address, always perform a few simple checks to verify its authenticity. Make particularly sure to do this if you haven’t initiated any contact with Microsoft that might prompt an email reply. If you’re getting an email out of the blue—especially one that claims there’s a problem with your account—there’s a good chance it’s a scammer.
Check the email and the sender address for spelling and grammatical errors. Hover over the sender’s email address to check that it’s an official Microsoft Office 365 address. If there are any links in the email, hover over them to check where they go. And don’t click any links, even if they look legitimate. Instead of clicking the link, go to the Microsoft Office portal and log into your account using the secure two-step verification process.
Use identity protection.
With identity protection enabled, the system learns your login and activity habits, and then uses this information to identify suspicious-looking activity. For instance, if the system notices that you login to your account from a different location, it can send you an email alert to confirm your identity.
Use Windows security tools and keep them updated.
For instance, BitLocker device protection, Windows Defender, and Windows Firewall. All of these use different tools and detection methods to protect your computer and your data.
And, make sure all computers and mobile devices you use have all the latest Office 365 and Windows features and security updates. This ensures you have all the latest versions of the operating system and apps, and the latest security features to protect you from new viruses and ransomware attacks.
Pay attention to what your account tells you.
It’s easy to get blasé about computer safety as you become more familiar with how Office 365 works. But don’t get lulled into a false sense of security. It’s always important to be vigilant, especially when you’re working with sensitive data. In many cases, Windows and Office will let you know when something isn’t right, so make sure to pay close attention to security alerts and other messages.
For more information on the best ways to protect yourself online, get in touch with us today.