
I recently recommended that we regularly check the back doors in our IT systems.

I also promised to discuss some of the not-so-obvious back doors.


Back door #2: Email auto-forwarding.

(What is email auto-forwarding? When one email account receives an email, auto-forwarding automatically sends a copy of that email to another email account).

It’s very handy if you have multiple email accounts and don’t want to log in to every one of them individually.


So what?

Email auto-forwarding is also a very handy way for a cybercriminal to receive a copy of the emails that you receive.

Once the criminal has set up** auto-forwarding on your email account, they may never need to log in to your account again.

Your system will deliver your emails to them automatically.

And this won’t stop, even if you change your email account’s password.



So what should you do?

On your personal email accounts, you need to ensure there are no unexpected auto-forwarding rules set up:

  • The process to check is different on each email system, so search online for the instructions.

If you are accountable for cybersecurity in your organisation:

  • You need to ensure the same check is performed across all of the organisation’s email accounts. Where any auto-forwarding is set up, confirm there is a valid business reason for it.
  • To avoid problems in the future, I recommend that auto-forwarding is disabled by default, and only enabled on an exceptions basis for specific users and specific scenarios. Some systems will allow you to lock this down. For example, some pointers on how you can do this in Microsoft 365 are here and here. Alternatively, you may need to include this in your staff policy, and regularly check that everyone is complying with this policy.
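One way to run this check across a Microsoft 365 tenant, as an added example that is not part of the original post: it lists both mailbox-level forwarding and inbox rules that forward or redirect mail, flags any destination not on an approved list, and optionally applies the "off by default" lockdown. It assumes the ExchangeOnlineManagement module is installed, you hold an Exchange admin role, and the `$Approved` list and `$ApplyLockdown` switch are placeholders you maintain.

```powershell
# Added example (not the original post's content): audit auto-forwarding in Microsoft 365.
# Assumes: ExchangeOnlineManagement module installed, Exchange admin rights.
Connect-ExchangeOnline

# Placeholder: forwarding destinations that have a documented business reason.
$Approved = @('shared-archive@example.com')
$ApplyLockdown = $false   # set to $true once exceptions have been documented

function Test-Approved([string]$Destination) {
    # Rule destinations look like "Name [SMTP:addr]", so match by substring.
    return [bool]($Approved | Where-Object { $Destination -like "*$_*" })
}

$Findings = @()
foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {
    # 1. Mailbox-level forwarding (set by an admin or through the user's Outlook settings).
    foreach ($dest in @($mbx.ForwardingAddress, $mbx.ForwardingSmtpAddress)) {
        if ($dest) {
            $Findings += [pscustomobject]@{
                Mailbox = $mbx.UserPrincipalName; Source = 'MailboxForwarding'; Rule = '-'
                Destination = "$dest"; KeepsCopy = $mbx.DeliverToMailboxAndForward
                Approved = Test-Approved "$dest"
            }
        }
    }
    # 2. Inbox rules that forward or redirect (the back door described in the post).
    $rules = Get-InboxRule -Mailbox $mbx.UserPrincipalName -ErrorAction SilentlyContinue |
        Where-Object { $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo }
    foreach ($r in $rules) {
        $dests = (@($r.ForwardTo) + @($r.ForwardAsAttachmentTo) + @($r.RedirectTo) |
            Where-Object { $_ }) -join '; '
        $Findings += [pscustomobject]@{
            Mailbox = $mbx.UserPrincipalName; Source = 'InboxRule'
            Rule = "$($r.Name) (Enabled=$($r.Enabled))"; Destination = $dests
            KeepsCopy = -not [bool]$r.RedirectTo   # redirect leaves no copy for the owner
            Approved = Test-Approved $dests
        }
    }
}

# Everything unapproved needs a business justification or removal.
$Findings | Where-Object { -not $_.Approved } | Sort-Object Mailbox | Format-Table -AutoSize

# Lockdown: block automatic forwarding to external domains tenant-wide via the
# default outbound spam policy; grant per-user exceptions in a separate policy.
if ($ApplyLockdown) {
    Set-HostedOutboundSpamFilterPolicy -Identity Default -AutoForwardingMode Off
}
```

Re-run the audit on a schedule; a rule that reappears after removal is a sign the underlying account compromise has not been closed.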


Why is this important?

Because of the simplicity and effectiveness of auto-forwarding, it is a very common back door used by cybercriminals to retain access to your important data (in this case, your email).

And now that you know this, it is also very simple for you to keep an eye on this back door in the future.

Simple steps can deliver big benefits.



** Just to clarify: Email auto-forwarding is not how cybercriminals gain initial access into an email system. But once they have got in through another door, email auto-forwarding is a common back door that enables them to retain access to your data, even after they have lost access to your email account.