*This article originally appeared here on LinkedIn*
In my previous article I have showed how easy it is for hackers to get your outlook & 365 password.
The method I showed requires the hacker to be on the same network as you (WI-FI or Local) but usually hackers will use much easier way to obtain your password:
Spearhead phishing & Social Engineering is very effective and works from my experience in many cases – they are waiting for you to be a off your guard for a second and then they will get your email password (you will give them the password … )
There are several very easy steps that from my professional experience reduce the risk significantly:
- Don’t be cheap and use a business grade email solutions like Microsoft 365 or Google Apps – you are paying for added security / traceability and support. the worst Hacks i have seen are always with “Free” email accounts such as Yahoo, Gmail and such where you don’t have a real “point of contact” when you need help
- Use complex passwords (Example@78!) – don’t use the same password you use for other service !
Use the Advanced feature that the business grade solutions offer you – use 2 Form Authentication (for more information, visit our 2-Form Authentication post for an in depth look at this.)
Use 2 Form Authentication – it will require you provide another authentication via SMS / APP and will make it MUCH more harder for the hacker to hack your email account
Both Microsoft and Google offer 2 Form Authentication solutions,
both of them will require you to provide a one time password via SMS / APP when you login.
Both of them also support “APP Password” that will provide you a one time password for your APP ( such as outlook ), This is very useful to avoid the type of “Men in The Middle” attack I have shown in the previous article
Generally speaking Hackers usually search for the ” weak link ” in the chain – dont let it be you – do what ever you can to make it complex for them so they will move on to another person / company.
Never say it wont happen to you… when it does it hurts more and you will regret not taking the basics steps to protect yourself
Written by Eli Migdal, CEO of TowerWatch Solutions Ltd (UK) and founder of Migdal Computing Solutions Ltd (Israel)