Business email compromise is one of the most financially damaging cyberattacks hitting Houston companies. If your email account has been hacked — or you suspect it has — here’s exactly what to do.
Signs Your Business Email Has Been Compromised
- Customers or vendors receive emails you didn’t send
- You can’t log in with your password
- Your sent folder contains emails you don’t recognize
- You receive password reset emails you didn’t request
- Unusual inbox rules have appeared (often set by attackers to forward emails or hide responses)
Immediate Steps to Take
- Change your password immediately from a clean, uncompromised device
- Enable MFA if it isn’t already on (this is step one for preventing recurrence)
- Check and delete suspicious inbox rules — attackers often create forwarding rules to maintain access even after a password change
- Review connected apps — revoke any third-party app access you don’t recognize in your Microsoft 365 or Google Workspace security settings
- Alert your IT provider (or call one if you don’t have one)
- Notify affected contacts if malicious emails were sent from your account
- Check your financial accounts — BEC attacks often target wire transfers or invoice payment changes
How Attackers Get In
Most business email compromises start with a phishing email, a reused password exposed in a data breach, or a lack of MFA. Attackers may sit in your account for weeks gathering information before making a move.
Prevention Going Forward
MFA, email filtering, and security awareness training for your team stop the majority of attacks before they start. A managed IT provider monitors for suspicious login patterns and can respond faster than any business owner can on their own.
H-Town IT responds to email compromise incidents and provides ongoing email security for Houston businesses. Learn about our email security services or contact us now.