- Posted by James Allat
- On 27th November 2020
Over the last few weeks, Calder IT has received calls from prospective clients to ask if we could help look at their Microsoft365 emails. They did not seem to be receiving emails. They had received reports from their clients that suspicious emails had been received, requesting payments to different bank accounts.
Calder IT investigated the Microsoft365 systems, we found that all the domains were hosted with Go Daddy and they all had rules set up in the user’s Microsoft365 mailboxes to forward and delete emails.
Most of the rules that had been set up were regarding forwarding emails relating to payments and invoices to external email addresses.
After investigating further, we found that Go Daddy had reported a data breach back in April 2020.
Go Daddy confirmed they had sent emails out to their customers regarding the data breach. One of the rules we found setup on the compromised email accounts was set to delete any emails sent from the Go Daddy domain.
As a precaution, we recommend following these steps: –
- If you have a Go Daddy account, we recommend that you look at resetting your password and if you have a hosted Microsft365 account with Go Daddy we also recommend you reset the password for all your business Microsoft365 accounts and look to enable 2 Factor Authentication.
- Check for any email rules set up inside each email account within your email accounts Microsft365 Outlook login.
If you would like more information or to arrange a review of your IT systems then please contact CalderIT on 0330 002 0088 or see our Contact us page.
#DataBreach #ItSupport #Microsft365 #Office365 #Halifax #WestYorkshire #Yorkshire #Manchester #NorthWest #ItSupportServices #Hosting #ISP