Within these Cyber threats, Business Email Compromise scams have jumped 60% over the course of the last 12 months1. Despite awareness of this threat, we have found that an alarming percentage of people (51%) have not changed their password behavior2 and to exacerbate the situation, a large number of users (50%) reuse an average of five passwords across their business and personal accounts3.
The reality is, once exposed on the Dark Web, your information, business email credentials, or otherwise, cannot ever be completely removed or hidden. You cannot ﬁle a complaint or contact a support line to demand your data be removed. Your company should immediately start taking appropriate steps and measures to correct or minimize the risks and potential damages associated with this exposed data. Identify, understand and learn from past mistakes or failures, and adopt a more proactive and preventative approach to your business’ cybersecurity strategies moving forward.
If you have received an email from us confirming that your business credentials have been compromised, We recommend you immediately take the following steps as precautionary measures to prevent a breach:
- NAlert all employees, top to bottom, of the compromised data.
- NImmediately change passwords for all exposed logins – as a further precautionary measure, we recommend everyone in your organization changes their passwords immediately.
- NRetire old and exposed passwords.
In addition to the above, we also recommend you pursue the following:
- NReview individual compromises with critical users and take the time to explain speciﬁc threats and risks – both to the business and potentially, the user.
- NEstablish/update strict password policies and review and share these with everyone in the business.
- NDeﬁne what a strong password is and implement a password construction policy.
- NMake diﬀerent passwords for each business account mandatory and keep personal ones separate.
- NDetermine a schedule for routine password changes.
Your Wolfe Systems win team (Account Manager and/or Technical Lead) will reach out to you directly to discuss the implications that compromised credentials are having on your business and what we are doing to keep your business safe.