A phishing attack is a common method cyber criminals use to trick individuals into revealing their login credentials. A cybercriminal will often create deceptive emails or websites that resemble legitimate services, such as your email provider or your Manager. Email marketing is not dead and many marketing companies still use it as a great way to reach their customer base. However, if companies are still utilising emails, then cyber criminals are too! Regularly updating your password reduces the chances of falling victim to phishing attempts and protects your account from unauthorised access.
Updating your login information allows you to enable or configure multi-factor authentication (MFA) for your email account. MFA adds an extra layer of security by requiring an additional form of verification, such as a unique code sent to your mobile device, as well as your password. Enabling MFA can significantly enhance the security of your email account. Using the Microsoft Authenticator app is recommended.
By regularly updating your email passwords and logins, you actively contribute to maintaining the security and privacy of your online accounts. It’s advisable to follow best practices for password management and remain vigilant against potential threats to safeguard your personal information. To learn about best practices, Neuways are always on hand to provide guidance to help you protect your business.
So, should you change your email password after clicking on a potential phishing email? How do you do it?
Yes, if you have clicked on a potential phishing email, it is strongly recommended that you change your email password immediately. Phishing emails are designed to deceive you and trick you into providing your login credentials or other sensitive information. If you have clicked on a suspicious link or entered your password on a fraudulent website, there is a risk that your account may be compromised.
To protect your account, follow the steps outlined by Neuways below.
Change your password
Go to the official website of your email provider (do not click on any links within the suspicious email) and change your password. Choose a robust and unique password that you haven’t used before. You should be able to identify the official website through security labels and logos which provide you with a sense of security.
Enable multi-factor authentication
As mentioned earlier, you need to use MFA if your email provider offers it. MFA adds an extra layer of security by requiring an additional form of verification, such as a unique code sent to your mobile device, as well as your password.
Check your account settings
Review your email account settings to ensure there haven’t been any unauthorised changes. Look for any unfamiliar email forwarding rules, aliases, or changes to your recovery email or phone number. If a change in recovery email or phone number is made, you will usually be alerted before the change is made.
Report the phishing email
If you have received a suspicious email, report it to your email provider straight away. This helps them identify and take action against phishing attempts, protecting other users.
Be cautious in the future
You and your employees can learn to recognise phishing emails and exercise caution when opening email attachments or clicking on links. Neuways’ phishing awareness training can help you and your teams look for signs of suspicious email addresses, grammatical errors, requests for personal information, or urgent and unexpected demands.
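The "Check your account settings" step above can be made repeatable by comparing the account's current settings with a snapshot taken when the account was known to be clean. This is an added example, not part of the original article or any Neuways tooling; the dictionary layout, rule names and addresses are constructed assumptions, not a real provider's export format.

```python
# Added example: diff current mailbox settings against a known-good snapshot.
# The record layout is an assumption for illustration, not a provider schema.

OWN_DOMAINS = {"example.com"}  # constructed: domains mail is expected to stay within

BASELINE = {  # constructed snapshot taken while the account was clean
    "rules": [{"name": "Newsletters", "forward_to": []}],
    "aliases": ["j.smith@example.com"],
    "recovery_email": "jsmith.home@example.org",
    "recovery_phone": "+44 0000 000000",
}
CURRENT = {  # constructed snapshot taken after the suspicious click
    "rules": [{"name": "Newsletters", "forward_to": []},
              {"name": ".", "forward_to": ["collector@mail.example.net"]}],
    "aliases": ["j.smith@example.com", "accounts@example.com"],
    "recovery_email": "reset@mail.example.net",
    "recovery_phone": "+44 0000 000000",
}

def domain_of(address):
    return address.rsplit("@", 1)[-1].strip().lower()

def rule_key(rule):
    # Name plus targets, so an edited rule that keeps its old name is still noticed.
    return (rule["name"], tuple(sorted(t.lower() for t in rule.get("forward_to", []))))

def review_account(baseline, current, own_domains):
    """Return (severity, message) pairs for settings that differ from the baseline."""
    findings = []
    known = {rule_key(r) for r in baseline["rules"]}
    for rule in current["rules"]:
        if rule_key(rule) in known:
            continue
        external = [t for t in rule.get("forward_to", []) if domain_of(t) not in own_domains]
        if external:
            findings.append(("high", f"rule {rule['name']!r} forwards to {', '.join(external)}"))
        else:
            findings.append(("review", f"unfamiliar rule {rule['name']!r}"))
    for alias in sorted(set(current["aliases"]) - set(baseline["aliases"])):
        findings.append(("review", f"new alias {alias}"))
    for field in ("recovery_email", "recovery_phone"):
        if current.get(field) != baseline.get(field):
            findings.append(("high", f"{field} changed to {current.get(field)!r}"))
    return findings

if __name__ == "__main__":
    for severity, message in review_account(BASELINE, CURRENT, OWN_DOMAINS):
        print(f"[{severity}] {message}")
```

Anything reported as "high" should be removed or reverted before the new password is relied on, because a forwarding rule keeps working after a password change.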
Remember, changing your password is crucial in mitigating the potential risks associated with a phishing email. Additionally, stay informed about the latest security practices and follow guidelines provided by your email service provider to ensure the ongoing safety of your account.
If you believe your email has been compromised, immediately protecting your account and personal information is essential. There are plenty more ways you can keep your email account and security software updated, as we list below.
Scan for malware
Run a thorough scan of your computer or device using reputable antivirus or anti-malware software. Malware or keyloggers can compromise your email security, so ensuring your system is clean is essential. Make sure you are using the official software, though.
Review sent and deleted emails
Check your sent and deleted folders for any unauthorised or suspicious emails that may have been sent or deleted without your knowledge. This can help you identify any unauthorised activity.
Update other accounts
If you use the same password for other online accounts, change the passwords for those accounts to prevent unauthorised access. This includes website logins and social media logins. These are obvious ways for cyber criminals to find out your passwords and commit the ultimate hack.
Be vigilant for identity theft
Monitor your other accounts, financial statements, and credit reports for any signs of unauthorised activity or identity theft. If you suspect identity theft, contact the appropriate authorities and consider placing a fraud alert or credit freeze on your accounts.
Ultimately, employees need to act swiftly, and taking these steps to secure your compromised email account is essential. The specific procedures and contact information may vary depending on your email service provider, so consult the official website or contact their customer support for guidance tailored to your situation.