I'm wondering if anyone out there has a set procedure or plan for communicating internally when we know or suspect that a client's information has been compromised. For instance, if a client emails us with requests that raise red flags—like changing banking details—it often goes out to several people in our organization. The tricky part is that these emails might seem legitimate because they're coming from the client's genuine email address, which could have been hacked. It's a bit chaotic since we use Teams for communication, but management hasn't really adopted it properly, leaving the departmental Teams platforms unused.
4 Answers
We’ve got a solid playbook ready to tackle situations like these. The first step is always to search through all mailboxes for the sender using filters like subject and time, and then just delete the suspicious emails. It's important to act fast to minimize any potential damage.
Pro tip: Make it a team effort! Everyone should know the signs of a hacked email and how to respond.
What we do when this occurs, which is pretty often, is have one of our team members contact the client directly. Almost every time, they confirm that their email got hacked and tell us to disregard the suspicious emails. It really helps clarify the situation quickly.
I faced the same issue recently! One client said it wasn't a big deal and just spam. I had to insist they were compromised since it was their third or fourth breach in a few years. It’s frustrating when companies don’t take security seriously.
Here’s our two-step process: 1) We immediately block any emails from the compromised domain along with other related details, and 2) We keep those domains on our radar until the client can demonstrate that they’ve fixed the issues.
Our approach is all about ‘search and destroy.’ We lock down any affected accounts, check for changes in sensitive details like passwords or payment accounts, and add those clients to our "known breached" list to prevent further issues. This way, all emails from them have warning headers, which helps keep everyone aware and cautious.

Exactly! We usually find the email in multiple inboxes and just make sure to wipe it out. Better safe than sorry!
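The "known breached" list with warning headers described in the answers above, sketched as an added example that is not code from any poster in this thread. The domains, the header name `X-Known-Breached-Sender`, the phrase list and the verdict names are constructed assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Hypothetical list kept by the security team (constructed value).
KNOWN_BREACHED = {"client-example.test"}
# Phrases suggesting a payment-detail change request (assumed; tune locally).
PAYMENT_TERMS = ("bank details", "banking details", "account number",
                 "payment details", "remittance")
WARNING_HEADER = "X-Known-Breached-Sender"  # hypothetical header name

def sender_domain(msg):
    """Return the lower-cased domain of the From address ('' if absent)."""
    _, addr = parseaddr(str(msg.get("From", "")))
    return addr.rpartition("@")[2].lower()

def tag_message(raw):
    """Return (verdict, message), adding warning markers for listed senders."""
    msg = message_from_string(raw, policy=policy.default)
    domain = sender_domain(msg)
    # Match the listed domain itself and any of its subdomains.
    breached = any(domain == d or domain.endswith("." + d)
                   for d in KNOWN_BREACHED)
    body = msg.get_body(preferencelist=("plain",))
    text = (str(msg.get("Subject", "")) + " "
            + (body.get_content() if body else "")).lower()
    payment = any(term in text for term in PAYMENT_TERMS)
    if breached:
        msg[WARNING_HEADER] = "yes"
        subject = str(msg.get("Subject", ""))
        del msg["Subject"]  # policy.default refuses a second Subject header
        msg["Subject"] = "[CAUTION: sender on known-breached list] " + subject
    if breached and payment:
        return "hold-verify-with-client", msg  # contact the client directly
    return ("warn" if breached else "deliver"), msg

# Constructed sample messages.
SAMPLE_PAYMENT = ("From: Pat <pat@client-example.test>\nTo: ap@ourfirm.test\n"
                  "Subject: Updated banking details\n\n"
                  "Please use our new account number for all invoices.\n")
SAMPLE_ROUTINE = ("From: Pat <pat@mail.client-example.test>\nTo: ap@ourfirm.test\n"
                  "Subject: Meeting notes\n\nNotes from Tuesday attached.\n")
SAMPLE_CLEAN = ("From: Sam <sam@other-client.test>\nTo: ap@ourfirm.test\n"
                "Subject: Invoice query\n\nCan you resend invoice 12?\n")

if __name__ == "__main__":
    for sample in (SAMPLE_PAYMENT, SAMPLE_ROUTINE, SAMPLE_CLEAN):
        verdict, tagged = tag_message(sample)
        print(verdict, "|", tagged["Subject"])
```

Because the check keys on the sender's domain rather than on whether the message passed authentication, it still fires when the mail comes from the client's genuine but hijacked mailbox, which is the case the original question describes.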