Business Computer/Email Security Concerns

746 Views | 11 Replies | Last: 2 days ago by falconace
MyNameIsJeff
We've been having a lot of issues with spoofed emails and a few other things over the last several months. A few examples:

- Receiving emails/meeting invites for stuff like "HR Review", "Compensation Discussion", etc. from what appears to be my own email.
- Receiving emails from current and former (even including deceased) employees. These show as their name, but the addresses are obviously not.
- Emails to reset Microsoft logins.
- (my favorite) One employee watched their cursor move across the screen and select a file. IT blamed this one on a laptop battery issue.
- Emails to clients requesting banking information changes.

I'm receiving 10+ of these some days.

We are a smaller company and use a third party IT group for everything computer related. Their response to these is largely to "just ignore them and they will go away". This is way out of my wheelhouse, but that doesn't seem like an acceptable response. Some of these emails are to/from very specific people about specific items that make me think someone is actively monitoring our email traffic (for instance, email that looks like it's from our accountant to a client that we are actively working for requesting updates to our direct deposit). I think it's just a matter of time until a less computer savvy person in our organization messes up and clicks a link or something that causes major issues.

Thoughts?
Lathspell
Sounds like your email security has been compromised or they have remote access to your end points. They know who you're dealing with and see your invoices. This allows them to easily spoof your email to customers and provide them with invoices so they get money from your customers.

In this day and age, every company really needs to focus on and budget for cybersecurity. At the bare minimum, yall should have the following:

  • Remote Monitoring and Management (RMM) software
      • This is the client or software running on all devices that allows your IT team to automatically update and manage all devices. If your devices are not being updated weekly, you could be open to threats.
  • End-point Detection and Response (EDR) or Managed Detection and Response (MDR)
      • Any IT company or person talking to you about "anti-virus" is living in the past. With the massive saturation of ransomware attacks, all companies of every size need to protect their end-points. An EDR solution should protect you from just about all threats. For example, our company installs SentinelOne on all supported end-points, which I consider "Best of Breed" for EDR. An MDR solution is simply an EDR solution that is managed by a full Security Operations Center (SOC) for live management/monitoring and remediation services. We usually bundle this in with our services.
  • Email Security
      • This is not a 100% foolproof thing, but you should have some form of filter. At least to catch those phishing emails that seem to be coming from an internal email address. Do yall have anything in place? Something like Proofpoint or another provider?
  • Firewall
      • Too many small companies I go and talk to don't even have a firewall in place. They are going straight from the Comcast or AT&T router to their network. This leaves your network, and any device on your network, wide open to attacks. I'm literally talking to a 5-person company, right now, who does not have a firewall. That's crazy, to me.
That's just a quick list of the basic "must haves" for any business, though I know I would have many questions to go over in a meeting to discuss these issues.
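The two spoofing patterns described in this thread (mail that claims an internal address, and mail that shows an employee's name over an outside address) can be told apart with a header check like the following. This is an added example, not part of the original posts; the domain, the employee names, the sample messages and the assumption that your own mail gateway stamps an `Authentication-Results` header are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

OUR_DOMAIN = "example.com"                      # assumption: the company's mail domain
EMPLOYEES = {"pat accountant", "jeff example"}  # assumption: known staff display names

def make_msg(from_hdr, auth, subject):
    """Build a constructed sample message (headers plus a dummy body)."""
    return (f"From: {from_hdr}\n"
            f"Authentication-Results: mx.example.com; {auth}\n"
            f"Subject: {subject}\n\nbody\n")

# Constructed samples mirroring the cases described in the thread.
MSG_SELF = make_msg('"Jeff Example" <jeff@example.com>',
                    "spf=fail; dkim=none; dmarc=fail", "HR Review")
MSG_NAME = make_msg('"Pat Accountant" <pat@billing-update.example.net>',
                    "spf=pass; dkim=pass; dmarc=pass", "Updated banking details")
MSG_OK = make_msg('"Pat Accountant" <pat@example.com>',
                  "spf=pass; dkim=pass; dmarc=pass", "Invoice")

def auth_results(msg):
    """Return e.g. {'spf': 'fail', 'dkim': 'none', 'dmarc': 'fail'}.
    Only meaningful when the header was added by your own gateway."""
    header = msg.get("Authentication-Results", "")
    pairs = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I)
    return {k.lower(): v.lower() for k, v in pairs}

def spoof_findings(raw):
    """Return a list of finding labels for one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    # Claims our domain in From, but the gateway could not authenticate it.
    if domain == OUR_DOMAIN and auth_results(msg).get("dmarc") != "pass":
        findings.append("internal-address-unauthenticated")
    # Employee's display name over an outside address. Sender authentication
    # can pass here, because the outside domain is really the sender's own.
    if domain != OUR_DOMAIN and name.strip().lower() in EMPLOYEES:
        findings.append("employee-name-external-address")
    return findings
```

The second sample passes every authentication check and is still flagged, which is why a display-name rule is needed alongside sender verification.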
jagouar1
How much are you paying for email? (and which service are you using)
EMY92
Where I work, the people with LinkedIn accounts are constantly getting phishing emails and texts. The most common is getting an email/text from the "owner" of our company asking someone to do something that would open our system to attack.
MyNameIsJeff
jagouar1 said:

How much are you paying for email? (and which service are you using)

I have no idea. I'm just a low guy on the totem pole that thinks this is a little more serious of a concern than everyone else is treating it. My address is @companyname, and I do everything through Outlook (don't know if that's the answer to your service question).
MyNameIsJeff
I guess my main question is if this is an acceptable response from our IT provider, if they should be more proactive, or if we should look into taking our business elsewhere.
Lathspell
It depends what yall have in place and what your budget as a company is. There are so many companies out there who opt out of so many necessary cybersecurity solutions because they think they are too small for someone to try and scam them.

They fail to realize these scammers do their due diligence. These are organized criminal groups that know how much money your company can afford to pay to release data, in a ransomware situation. Outside of that, spoofed emails with fake invoices are very common.
jagouar1
MyNameIsJeff said:

I guess my main question is if this is an acceptable response from our IT provider, if they should be more proactive, or if we should look into taking our business elsewhere.

I would say they should be more responsive but sounds like yall are doing the minimum so get ready to open the pocketbook, good email security is not cheap.
kb2001
MyNameIsJeff said:

I guess my main question is if this is an acceptable response from our IT provider, if they should be more proactive, or if we should look into taking our business elsewhere.

It is NOT an acceptable response from your IT provider.

This day and age, SPF records are a must for sender verification. If they are not using this tool, then they are not serving you well.

https://duckduckgo.com/?q=email+SPF+records&t=brave&ia=web
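To show what an SPF record actually decides, here is a small offline evaluator run against a weak (`~all`) and a strict (`-all`) policy. This is an added example, not part of the original post; the domains, records and IP addresses are constructed, DNS is replaced by a dictionary, and only the `ip4`, `ip6`, `include` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed zone data (assumption): domain -> published SPF TXT record.
ZONE = {
    "weak.example":          "v=spf1 include:_spf.mailhost.example ~all",
    "strict.example":        "v=spf1 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(domain, ip, zone=ZONE, depth=0):
    """Evaluate the SPF policy of `domain` for a connecting `ip`."""
    record = zone.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"                      # domain publishes no SPF policy
    if depth > 10:
        return "permerror"                 # guard against include loops
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = QUALIFIERS.get(term[0])
        mech = term[1:] if qual else term
        qual = qual or "pass"              # no qualifier means "+"
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":
            return qual
        if name in ("ip4", "ip6"):
            # A v4 address is never "in" a v6 network, and vice versa.
            if addr in ipaddress.ip_network(arg, strict=False):
                return qual
        elif name == "include":
            sub = check_spf(arg, ip, zone, depth + 1)
            if sub == "pass":
                return qual                # include matches only on pass
            if sub in ("none", "permerror"):
                return "permerror"
        else:
            # a, mx, exists, ptr, redirect need live DNS: out of scope here.
            raise NotImplementedError(name)
    return "neutral"                       # nothing matched, no "all" term

def compare(ip):
    """Result for the same sending IP under the weak and the strict policy."""
    return check_spf("weak.example", ip), check_spf("strict.example", ip)
```

For an unauthorized address such as 203.0.113.9, the `~all` domain yields `softfail` while the `-all` domain yields `fail`; a domain with no record at all yields `none`, which gives a receiving server nothing to act on.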
Lathspell
But there could be much more affecting them than that would fix, if they haven't made those configurations.

You also don't know what the scope of their services is. Just saying "we have 3rd party IT" doesn't tell us ANYTHING about their contracted services.

Again, I deal with customers all the time, especially younger companies, who want to be as cheap as possible, so they forego certain BDR solutions we recommend or opt out of MDR solutions and email security options because they don't want to pay the money and think, "we're just a little company. Organized crime only goes after the big guys."

I literally hear these objections on a weekly basis. I have to then spend 30 minutes explaining every possible way they are vulnerable and what each piece to our services covers. Also, a good IT company needs to know when to say "no." I've told many companies, over the years, that we just aren't a good fit for them. If they are not willing to allow us to get them up to the standard that we expect to support, I will pass on the opp.
CapCity12thMan
"ignore it and go away" is not an acceptable answer from anyone you are paying.
falconace
I agree, it's not an acceptable response. If you want to make a change to a provider that takes cyber seriously and will bring Fortune 500 level cyber and IT solutions to SMB for a reasonable cost, email username at gmail. We can solve these issues pretty quickly.