Recently my email account was hacked. We all like to think we are somewhat internet savvy and while you wouldn’t catch me falling for the Nigerian royalty inheritance-type email scams, last month, I did click on a link to a Dropbox file sent by a trusted source who had advised he would be sending me a link to a large image that very afternoon.
What appeared to be a fairly harmless phishing exercise, that I instantly forgot about, turned out to be the trigger to serious mandate fraud. Assuming my identity by using my email account, the hackers succeeded in getting a large sum of money transferred out of my ISA. Investigations are ongoing!
This has left me compelled to review our IT security processes at Propel Technology. The issue of hackers using trusted file sharing site URLs such as Dropbox is not going to go away and this has got to affect the way businesses approach file sharing in future, particularly those working in the media.
Therefore, to give our clients and key suppliers confidence that communications from Propel Technology are safe, from today, all emails we send to them with links to downloads will:
1. be part of a personalised email containing specific information on the project to which they relate (as is usually the case anyway!)
2. be sent from our Microsoft Outlook accounts (with our Propel Technology email footers at the bottom). If we are sending them from Smartphones etc. we’ll call to verify.
3. a further measure, communicated to our clients and supplier by post, which I won’t mention online!
Going back to my sorry tale, if you received a non-descript email from me on May 21st with a link to a Dropbox URL, and you clicked the link, please inform your bank and any investment companies or any intermediaries you use immediately. Change your email password and any other log-ins using the same password, check your email ‘sent’ and ‘deleted’ folders for any strange communications made from your account, and check your email filters for any new settings created. Never use email to contact a financial institution or intermediary and do not email anyone your signature.
These things always seem to happen to someone else. I hope my experience can stop this becoming you.