Email Account Compromise (EAC): What You Need to Know and How to Prevent It

What is Email Account Compromise (EAC)?

Email Account Compromise (EAC) is a cyberattack that involves unauthorised access to your email account by hackers. Hackers can use your email account to send malicious emails to your contacts, steal your personal or financial information, or compromise other online accounts that are linked to your email.

How do you become a target of Email Account Compromise (EAC)?

You can become a target of EAC if you:

  • Use weak or reused passwords for your NUS and personal email accounts
  • Click on phishing links or attachments in emails that may appear to be from legitimate sources
  • Use public or unsecured Wi-Fi networks to access your email account
  • Download or install malware or spyware on your device that can capture your keystrokes or credentials
  • Have password credentials that may have been obtained by hackers from a data breach

How do hackers take over your email account?

Hackers can take over your email account by using various methods, such as:

  • Brute-force attacks: Hackers use automated tools to guess your password by trying different combinations of letters, numbers, and symbols
  • Credential stuffing: Hackers use stolen or leaked passwords from other websites or data breaches to try to log into your email account
  • Phishing: Hackers send you fake emails that look like they are from trusted sources, such as your bank, your employer, or a friend, and ask you to click on a link or an attachment that leads to a malicious website or downloads malware onto your device
  • Keylogging: Hackers install malware or spyware on your device that records your keystrokes and sends them to the hackers, who can then use them to access your email account

Once a hacker obtains your password, they can easily configure your credentials on an email client such as Outlook or log in via web access. Some hackers may use a script to automate this process and, at the same time, further spread phishing emails.

Along the way, hackers may also be able to reset your password, locking you out of your own email account and giving them full control over it.

Common signs of email account compromise

Some common signs that indicate that your email account has been compromised are:

  • You receive notifications or emails about password changes, security settings changes, or login attempts from unknown devices or locations
  • You notice unusual activity in your sent, inbox, trash, or spam folders, such as emails that you did not send or receive, deleted emails, or emails marked as read
  • You receive complaints or queries from your contacts about suspicious emails that they received from you
  • You have trouble logging into your email account or other online accounts that are linked to your email

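
On the administrator side, the first sign above (logins from unknown locations followed by unexpected password changes) can be looked for in sign-in logs. The Python below is an added example, not part of the original page or of any NUS system; the log format, event names, thresholds and sample events are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events (not real data): time, account, source IP, event
SAMPLE_LOG = """\
2024-03-01T08:00:00 alice 192.0.2.10 login_ok
2024-03-01T09:00:00 bob 192.0.2.20 login_ok
2024-03-02T02:10:00 alice 203.0.113.7 login_fail
2024-03-02T02:10:05 alice 203.0.113.7 login_fail
2024-03-02T02:10:09 alice 203.0.113.7 login_fail
2024-03-02T02:10:15 alice 203.0.113.7 login_ok
2024-03-02T02:12:00 alice 203.0.113.7 password_change
2024-03-02T09:00:00 bob 192.0.2.20 login_fail
2024-03-02T09:00:30 bob 192.0.2.20 login_ok
"""

FAIL_THRESHOLD = 3              # assumed: failures before a success that suggest guessing
WINDOW = timedelta(minutes=10)  # assumed correlation window

def find_suspicious(log_text):
    """Return (account, ip, reason) alerts for the patterns described above."""
    known_ips = defaultdict(set)      # account -> IPs with earlier successful logins
    recent_fails = defaultdict(list)  # (account, ip) -> timestamps of failed logins
    new_ip_login = {}                 # account -> (ip, time) of last login from an unseen IP
    alerts = []
    for line in log_text.splitlines():
        ts, user, ip, event = line.split()
        ts = datetime.fromisoformat(ts)
        if event == "login_fail":
            recent_fails[(user, ip)].append(ts)
        elif event == "login_ok":
            fails = [t for t in recent_fails.pop((user, ip), []) if ts - t <= WINDOW]
            # The first successful login ever seen for an account is taken as its baseline.
            if known_ips[user] and ip not in known_ips[user]:
                new_ip_login[user] = (ip, ts)
                if len(fails) >= FAIL_THRESHOLD:
                    alerts.append((user, ip, "success_after_failures_from_new_ip"))
            known_ips[user].add(ip)
        elif event == "password_change":
            hit = new_ip_login.get(user)
            if hit and hit[0] == ip and ts - hit[1] <= WINDOW:
                alerts.append((user, ip, "password_change_after_new_ip_login"))
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert)
```

In the sample, only alice is flagged: bob's single mistyped password from his usual address stays below the threshold and comes from a known IP.
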
What should you do immediately if your email account has been compromised?

If you suspect that your email account has been compromised, you should take the following steps immediately:

  • Try to regain access to your email account by resetting your password, answering security questions, or using recovery options. Contact IT Care via itcare@nus.edu.sg or 6516 2080 if you need further assistance with your NUS account.
  • Change the passwords of all your other online accounts that are linked to your email, especially those that involve sensitive information, such as banking, social media, or shopping accounts.
  • Scan your device for malware or spyware and remove any suspicious programs or files.
  • Contact your contacts and inform them that your email account has been compromised and ask them not to open any emails that they may have received from you recently.
  • Report any fraudulent or suspicious activity to the relevant authorities, such as your bank, your employer, or the police.
  • If you think you may have exposed some NUS sensitive data in your email account to the attackers, please report based on the below:

How to prevent your email from being compromised?

To prevent your email from being compromised in the future, you should follow these best practices:

  • Use strong and unique passwords for each of your online accounts and change them regularly
  • Enable two-factor authentication (2FA) for your email account and other online accounts that offer this feature
  • Avoid clicking on links or attachments in emails that look suspicious or come from unknown sources
  • Use a secure and trusted Wi-Fi network when accessing your email account and avoid using public or shared devices
  • Update your device’s operating system and software patches regularly, and keep your installed antivirus up to date with the latest signatures

What is the impact of email account compromise on you and our University?

Email account compromise can have serious and negative impacts on you and our University, such as:

  • Loss of privacy and confidentiality: Hackers can access your personal or business information, such as your email contacts, credit card numbers, passwords, or sensitive documents. They can use this information to impersonate you and perform fraudulent activities on your behalf or on behalf of the University.
  • Damage to reputation and credibility: Hackers can use your email account to send spam, phishing, or malicious emails to your contacts, such as your friends, colleagues, clients, or partners. This can damage our University’s reputation and credibility.
  • Financial loss and legal liability: Hackers can use your email account to conduct fraudulent transactions, such as requesting money transfers or sensitive information. This can result in financial loss or legal liability to our University.

Other Important Information