Email security

If someone gains unauthorised access to, or impersonates your email account, they can intercept or gain access to your private communications. This could result in fraud, with cybercriminals intercepting financial transactions such as invoices. Cybercriminals will use email to abuse trust in business processes to scam organisations out of money or goods. This type of email attack is often referred to as business email compromise (BEC).

The importance of email security

The Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) Annual Cyber Threat Report 2020-21 puts self-reported losses for business email compromise at $81.45 million for the 2020-21 financial year. In the same period, business email compromise made up nearly 7% of all cybercrime reports.

Cybercriminals could also use your email to convince others to click on malicious links, open malware attachments, or share sensitive information.

What to look for

There are some common things you can look for to see if someone else has accessed your email account: 

• You cannot access your email as the password is incorrect.

• There are strange emails in your sent folder.

• You receive unexpected password reset notifications.

• You notice sign ins from unusual IP addresses, devices, and/or browsers.

• Emails have been deleted or moved to different folders.

In some cases however, you may not realise that your email account has been compromised until one of your contacts flags suspicious emails coming from your account. 

Our practical guides