Protect your business against email compromise
There are some simple measures you and your staff can put in place to strengthen your business email security.
What it is
Business email compromise is when an attacker gets access to someone's work email login credentials (what you need to access some online services, such as email, social media and banking).
How to protect your business email accounts
- Set up two-factor authentication
Two-factor authentication (2FA) requires users to provide something else on top of a username and password when logging into your systems, to verify that they are who they say they are.
With 2FA enabled, an attacker would usually need access to another device (your phone, tablet or computer) or a token to be able to log in to your system, even if they managed to crack a username and password.
- Use strong, unique passwords
Use strong, long and unique passwords on all your accounts. Encourage staff to use a password manager to help them remember all their passwords.
- Don't share personal information online
Don't give out personal information online, whether on social media or by email, and ensure your staff know the importance of this too. Personal information, whether it's birthdays, addresses or pets' names, can help attackers to guess usernames or passwords.
- Set up logs
Logs record all the actions that people take when they access your website or server. They can help you detect when an incident happens and establish the full scope of the incident.
- Prevent spoofing with SPF, DMARC and DKIM security policies
Email spoofing (disguising a phone number or email address as a different one) is when an attacker sends an email appearing to come from your organisation's domain (a unique address for websites; for example, in 'www.example.com', the 'example' part is the domain). This can happen if your domain doesn't have SPF (Sender Policy Framework), DMARC (Domain-based Message Authentication, Reporting, and Conformance), and DKIM (DomainKeys Identified Mail) security policies set.
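As an added illustration (not part of the NCSC page or its tooling), the script below shows what "having SPF, DKIM and DMARC set" looks like in practice and which settings leave a domain open to spoofing. It checks the three DNS TXT records for the weak settings that matter most: an SPF record that ends in `+all`, `?all` or `~all`, a missing DKIM key, and a DMARC policy of `p=none` or without a reporting address. The zone data for `weak.example` and `strong.example` is constructed, and `offline_lookup` stands in for a real DNS query so the example runs without network access.

```python
# Flag weak SPF, DKIM and DMARC settings in a domain's DNS TXT records.
# Added example with constructed zone data; swap offline_lookup for a real
# DNS query to audit your own domain.


def parse_tags(record):
    """Turn a 'k=v; k2=v2' tag list (DMARC and DKIM syntax) into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def check_spf(records):
    """SPF lists the servers allowed to send for the domain; the final 'all'
    term decides what happens to everyone else."""
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if not spf:
        return ["SPF: no record, so receivers cannot tell which servers may send for you"]
    if len(spf) > 1:
        return ["SPF: more than one record; receivers treat this as a permanent error"]
    terms = spf[0].split()
    last = terms[-1].lower() if len(terms) > 1 else ""
    if last in ("all", "+all"):
        return ["SPF: ends with '+all', so any sender passes; use '-all'"]
    if last == "?all":
        return ["SPF: ends with '?all' (neutral), so spoofed mail is not rejected; use '-all'"]
    if last == "~all":
        return ["SPF: ends with '~all' (softfail); pair it with DMARC p=reject or move to '-all'"]
    if last != "-all":
        return ["SPF: no 'all' term, so unlisted senders are not rejected; append '-all'"]
    return []


def check_dkim(records):
    """DKIM publishes the public key receivers use to verify your mail's signature."""
    dkim = [r for r in records if "p=" in r.lower()]
    if not dkim:
        return ["DKIM: no key published for this selector, so your mail cannot be verified"]
    if not parse_tags(dkim[0]).get("p"):
        return ["DKIM: empty 'p' tag means the key is revoked"]
    return []


def check_dmarc(records):
    """DMARC tells receivers what to do when SPF/DKIM fail and where to send reports."""
    dmarc = [r for r in records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["DMARC: no record, so receivers will not reject mail that fails SPF/DKIM"]
    tags = parse_tags(dmarc[0])
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC: p=none only monitors; move to p=quarantine or p=reject")
    elif policy not in ("quarantine", "reject"):
        findings.append("DMARC: missing or invalid 'p' tag, so the record is ignored")
    if "rua" not in tags:
        findings.append("DMARC: no 'rua' address, so you receive no aggregate reports")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"DMARC: pct={pct} applies the policy to only part of your mail")
    return findings


def audit_domain(domain, selector, lookup):
    """Run all three checks; lookup(name) returns the TXT strings for a DNS name."""
    return (
        check_spf(lookup(domain))
        + check_dkim(lookup(f"{selector}._domainkey.{domain}"))
        + check_dmarc(lookup(f"_dmarc.{domain}"))
    )


# Constructed zones: the same fictional organisation before and after hardening.
WEAK_ZONE = {
    "weak.example": ["v=spf1 include:_spf.mailhost.example +all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none"],
    # no DKIM key published for selector 'mail'
}
HARDENED_ZONE = {
    "strong.example": ["v=spf1 include:_spf.mailhost.example -all"],
    "_dmarc.strong.example": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@strong.example"],
    "mail._domainkey.strong.example": ["v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_PUBLIC_KEY"],
}


def offline_lookup(zone):
    """Stand-in for a DNS query: answers from the constructed zone dict."""
    return lambda name: zone.get(name, [])


if __name__ == "__main__":
    for zone, domain in ((WEAK_ZONE, "weak.example"), (HARDENED_ZONE, "strong.example")):
        findings = audit_domain(domain, "mail", offline_lookup(zone))
        print(domain, "->", findings or ["no findings"])
```

Running it reports four findings for `weak.example` (permissive SPF, no DKIM key, monitor-only DMARC, no reports) and none for `strong.example`. The DKIM selector (`mail` here) is whatever your mail provider told you to publish; the check only proves a key exists, and a real audit would also confirm the provider is signing outgoing mail with it.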
- Get IT support
Ask your IT provider to monitor your business email and check:
- auto-forwarding rules on email accounts, especially those relating to accounts receivable
- auto-filtering rules on email accounts to see if there are any rules that you did not set up
- email access logs to look for any unusual login behaviour like a change in login times and an unexpected or foreign IP address (a unique string of numbers that lets devices identify each other over the internet; short for 'Internet Protocol').
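The three checks above are the kind of thing an IT provider can script against exports from the mail system. As an added example (not NCSC's or any mail provider's code), the script below runs them over a constructed access log and a constructed list of inbox rules: it learns each user's usual countries and login hours from their first few successful logins, then flags later logins from a new country, at an unusual hour, or straight after failed attempts from the same address; it also flags rules that forward mail outside the organisation or delete messages about invoices and payments. The organisation domain `example.test`, the country code `ZZ`, the log format and the rule export format are all assumptions for the example.

```python
import csv
from datetime import datetime
from io import StringIO

ORG_DOMAIN = "example.test"  # assumed organisation domain (constructed)

# Constructed access log: UTC timestamp, user, source IP, country code, outcome.
# 'ZZ' stands in for a country the organisation has never logged in from.
ACCESS_LOG = """\
timestamp,user,ip,country,outcome
2024-03-04T08:02:11Z,alice@example.test,203.0.113.10,NZ,success
2024-03-04T17:45:09Z,alice@example.test,203.0.113.10,NZ,success
2024-03-05T08:10:40Z,alice@example.test,203.0.113.11,NZ,success
2024-03-05T09:31:02Z,alice@example.test,203.0.113.10,NZ,success
2024-03-06T03:12:55Z,alice@example.test,198.51.100.77,ZZ,failure
2024-03-06T03:13:20Z,alice@example.test,198.51.100.77,ZZ,success
2024-03-06T08:00:05Z,bob@example.test,203.0.113.12,NZ,success
"""

# Constructed inbox rules in a simplified, hypothetical export format.
INBOX_RULES = [
    {"user": "alice@example.test", "name": "Invoices",
     "conditions": "subject contains 'invoice'",
     "forward_to": "ar-archive@freemail.example", "delete": True},
    {"user": "bob@example.test", "name": "Newsletters",
     "conditions": "from contains 'news@'",
     "forward_to": "", "delete": False},
]

FINANCE_WORDS = ("invoice", "payment", "remittance", "bank")


def parse_access_log(text):
    """Read the CSV log and attach a parsed datetime to each row."""
    rows = list(csv.DictReader(StringIO(text)))
    for row in rows:
        row["time"] = datetime.strptime(row["timestamp"], "%Y-%m-%dT%H:%M:%SZ")
    return rows


def audit_logins(rows, baseline_n=4):
    """Flag successful logins that break a user's baseline.

    The first baseline_n successful logins per user define the 'normal'
    countries and hours; later successes are checked against them, and failed
    attempts from the same IP just before a success are reported as well.
    """
    findings, baselines, failures = [], {}, {}
    for row in rows:
        key = (row["user"], row["ip"])
        if row["outcome"] != "success":
            failures[key] = failures.get(key, 0) + 1
            continue
        attempts = failures.pop(key, 0)
        base = baselines.setdefault(row["user"], {"countries": set(), "hours": []})
        hour = row["time"].hour
        if len(base["hours"]) < baseline_n:  # still learning this user's habits
            base["countries"].add(row["country"])
            base["hours"].append(hour)
            continue
        reasons = []
        if row["country"] not in base["countries"]:
            reasons.append(f"new country {row['country']}")
        if not min(base["hours"]) <= hour <= max(base["hours"]):
            reasons.append(f"unusual hour {hour:02d}:00 UTC")
        if attempts:
            reasons.append(f"after {attempts} failed attempt(s)")
        if reasons:
            findings.append(f"{row['user']}: login from {row['ip']} at "
                            f"{row['timestamp']} ({'; '.join(reasons)})")
    return findings


def audit_inbox_rules(rules, org_domain=ORG_DOMAIN):
    """Flag rules that forward mail outside the organisation or hide finance mail."""
    findings = []
    for rule in rules:
        target = rule.get("forward_to", "")
        if target and not target.lower().endswith("@" + org_domain):
            findings.append(f"{rule['user']}: rule '{rule['name']}' forwards mail "
                            f"outside the organisation to {target}")
        text = rule.get("conditions", "").lower()
        hits = [w for w in FINANCE_WORDS if w in text]
        if rule.get("delete") and hits:
            findings.append(f"{rule['user']}: rule '{rule['name']}' deletes messages "
                            f"mentioning {', '.join(hits)}")
    return findings


if __name__ == "__main__":
    for line in audit_logins(parse_access_log(ACCESS_LOG)) + audit_inbox_rules(INBOX_RULES):
        print(line)
```

On the sample data it reports one login (alice, from a new country at 03:00 UTC right after a failed attempt) and two rules (an external forward and a rule that deletes invoice mail). A baseline learned from only four logins is deliberately simple; in practice you would build it from weeks of history and keep it updated as staff travel or change hours.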
Get help
If you discover that an email account within your business has been compromised, there are some steps you can take to help reduce the impact.
- Change the passwords on all affected email accounts immediately.
- Set up 2FA.
- Tell your IT provider.
- Ask your IT provider to check your system for any installed malware.
You can also report the incident to us at NCSC.