Shared Mailboxes - Asset or Liability to your Company

It is Time for Your Company to Start Thinking Differently About Shared Mailboxes

As phishing and ransomware attacks increasingly dominate news headlines, it is important to revisit your company’s cyber security vulnerabilities and consider shortcomings.   One of the most overlooked and underestimated points of a cyber-attack starts with shared mailboxes.

Why are Shared Mailboxes at Risk?

While shared mailboxes are supposed to make life easier, the fact remains that multiple users will see the same email from a single source.   If that email is malicious, a cyber-criminal just disseminated malicious content to a group of users – not just one user.   Further, shared mailboxes can send emails as well.   What you thought was going to make your life easier, just made your life a nightmare.

The big service providers warn businesses about shared mailbox vulnerabilities.   Just look at what Microsoft says about them:

“Every shared mailbox has a corresponding user account. Notice how you weren't asked to provide a password when you created the shared mailbox? The account has a password, but it’s system-generated (unknown). You aren't supposed to use the account to log in to the shared mailbox.

But what if an admin simply resets the password of the shared mailbox user account? Or what if an attacker gains access to the shared mailbox account credentials? This would allow the user account to log in to the shared mailbox and send email.” [docs.microsoft.com]

There is a bit of irony to Microsoft’s warning, however.   Even though they plainly state that shared mailboxes come with certain vulnerabilities, Microsoft does not require a license for them.  Shared mailboxes are free.  

Since Microsoft does not charge for shared mailboxes, many companies choose to exclude protecting shared mailboxes for budgetary reasons.   Their thinking is, well if Microsoft does not charge for shared mailboxes, why should I pay anything to cover them? Saving a couple bucks per month by not covering shared mailboxes will eventually lead to serious financial losses.

The Chain Reaction and Cost of Successful Phishing Attacks

When considering the cost of a successful phishing attack, remember that phishing is just the first domino to fall.  If the cyber-criminals get credentials from their phishing campaign, ransomware is highly likely to follow.   According to SecurityIntelligence.com, the average cost of a ransomware attack was $4.44M in 2020.  That is not to say a small business would get ransomed for millions of dollars; hackers tend to ask for an amount commensurate with the size of your company; but the amount they ask for is sure to catastrophically damage your company financially.   It’s also worth noting that many times even if you pay the ransom, cyber-criminals still won’t relinquish control of your environment. According to IBM, incident response and security automation showed the greatest reduction in data breach costs.   

 

 

 

 Examples of Shared Mailbox Phishing

  1. Shared Mailbox Sending a Phishing Email

mceclip0.png

https://security.berkeley.edu/news/phishing-example-update-required-berkeleyedu

  1. Shared Mailbox Receiving a Phishing Email (Note all users attached to info@help get this email)

mceclip1.png

https://uit.stanford.edu/phishing/2020-09-16-000000

 

Contact Coronet to Learn More About Protecting Your Shared Mailboxes

Our platform protects shared mailboxes for O365 and Gsuite.   We encourage all of our customers to consider the risk versus the reward when deciding to not protect your shared mailboxes.   In many ways, they are more susceptible to successful cyber-attacks than a typical user account.   Talk to one of our professionals to get more information.

 

0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.