Have any questions? Feel free to contact us:
+44 (0)1462 416999

Identifying Compromised Emails

Feb 6, 2019 Posted by: Dwills Tips

Identifying Compromised Emails

Despite understanding how to create a strong password, many people use the same passwords for their home email as well as their work accounts. The same password is often used for other online accounts too – including banking.

Should your email become hacked, it has the potential to cause major problems for your organisation as well as for you as an individual.

What happens when your password is compromised?

IMAGE: Email login areaOnce compromised, hackers can use your password to access your contacts. By using the same password for home and work emails, the hackers can access both accounts. They send emails to your contacts or a list of their choosing.

Usually, a huge number of emails are involved. Content varies, causing inconvenience and a poor impression of you and/or your business as a minimum.

Hackers also use stolen email addresses to build profiles for identity theft and to capture additional information about you.

4 Signs that your email account has been hacked…

There are several key signs that someone – other than you – has accessed your email account:

  1. IMAGE - contacts via smart phoneYour password has been changed
  2. Unfamiliar emails in your ‘sent’ box
  3. Security messages about an unusual location/device accessing your account
  4. Messages from your contacts (work or home) querying unusual emails that look like they have been sent by you

Once hackers have access to your account, they usually send a vast number of emails in a short period of time.

In addition, hackers can create rules to divert emails or delete them upon receipt. This means that unless you check your sent items, the hack may not be noticed for some time.

The sooner the hack is identified, the better.

Proactive alerting

Early notification of a hacked email account is the best way to minimise potential damage. EMH Technology is proud to use an internally-developed monitoring feature to identify compromised email accounts, fast.

IMAGE: IT SecurityThe software looks at clients using Office 365 email and counts the number of email messages sent each hour.

We identify and report on the top senders and the number of emails via a secure Business Intelligence dashboard. Spikes in traffic are identified and should any unusual activity occur, we get in touch to check all is well. (The proactive alerting system doesn’t know who the recipients are or the subject or message content, so privacy is maintained.)


“One of our clients usually sends 20 to 30 email each day. Suddenly there was an overnight spike of 1,650 emails,” says Eric Hughes, founder of EMH Technology. “Both the timing and the volume were suspicious, so we called the client to inform them. Thankfully the spike was due to a legitimate invoice run. However, our client was grateful we had spotted the unusual pattern and checked it with them.”

Counteracting hackers…

Eric explains: “The best way to counteract hackers is to use two-factor authentication when logging into email accounts.”

This means that your identity is confirmed by asking for an additional piece of information beyond your password. This is often the answer to “something you have”, such as a code sent to your mobile phone. The strengths of this process are that the code is dynamically generated and that it is sent to you on a physical device, such as a key fob or a mobile phone, which you must have in your possession.

“Many of our clients use two-factor authentication where users enter a code as well as their password,” adds Eric. “A code can be generated by a mobile phone app or you could receive a text message.”

Peace of mind

Is your email system monitored for unusual activity?

Does your team use two-factor authentication?

Safe, secure technology is hugely important – to your business and its customers. Would you like to discuss your current system and explore options for improved security or proactive alerting? Contact EMH Technology for more detail without obligation. We’re here to help.

Chat Now