“Dear friends and family, if you’ve gotten any suspicious-looking messages from me recently, please don’t open them!”
That’s probably the message you’d send to your contact list if someone hacked your personal email.
And, while identity theft is terrible, imagine if your business email account got hacked. It’s not only your personal bank account, credit cards, and personal data at risk, but also all of your customer data. A malicious cybercriminal can easily use your email account to scam your customers and destroy the relationship and trust you’ve built with your subscribers – not to mention your sender reputation.
We’re not going to lie: having your email compromised is not a good situation to find yourself in. But don’t worry, we’ve got you covered.
You’ve probably got great cybersecurity protocols in place, but all it takes to break through your defenses is someone leaking your API keys or SMTP credentials. Here’s a list of some common ways your email account can be exposed and compromised:
As a best practice, we recommend that you always check your recent activity and investigate any suspicious activity you don’t recognize. You should take your online security as seriously as fraud charges on your credit card. This way, even if your account is compromised, you can nip the hack in the bud and quickly work to minimize and reverse damages.
Let’s say that the worst has happened, and your account has already been compromised. What can you do? Here are some things you can do right away.
Let’s dig into each of these below.
The first thing that you need to do is cut the spammers’ access to your accounts. As an admin, you’ll need to reset your account’s API keys and SMTP credentials for any domain that seems to have issues. The faster you do this, the better off you’ll be.
Now that you have new keys and credentials, it’s time to check how much damage was done. Like the holidays, you’ll have some cleaning up to do once the chaos is over.
Unfortunately, you may face negative consequences because the hackers have probably sent out spam messages authenticated with your actual domains/dedicated IPs.
The most commonly seen issue is that your IP may be blocklisted. This can happen on the day of the unauthorized send or a few days later. In the days that follow, you’ll receive a lot of spam complaints, so be prepared to work with your marketing team to do some damage control.
Now that you’ve assessed the damage, it’s time to reverse it. Not all DNS blocklists are created equal, and the majority won’t impact the delivery of your emails, so it’s best to quickly resolve the listings that matter before focusing on the less utilized blocklists.
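To see which listings you actually have, you can query the DNS blocklists directly. The sketch below is an added example, not Mailgun's code: the zone names, the sample IP and the constructed resolver answers are assumptions chosen for illustration, and it also handles the case where a blocklist answers with an error code instead of a listing.

```python
import ipaddress
import socket

# Assumed zones for illustration; the page names no specific blocklists.
DNSBL_ZONES = ("zen.spamhaus.org", "bl.spamcop.net", "b.barracudacentral.org")
LISTING_RANGE = ipaddress.ip_network("127.0.0.0/8")     # DNSBL listing codes
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus query-error codes

def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets (or IPv6 nibbles) and append the blocklist zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))
    else:
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone

def system_resolver(name):
    """A records for name; [] if it does not resolve (also hides resolver failures)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def classify(answers):
    """No answer means clean; only an answer in 127.0.0.0/8 is a real listing."""
    addrs = [ipaddress.ip_address(a) for a in answers]
    if not addrs:
        return "clean"
    # Error codes (e.g. querying through a public resolver) and answers outside
    # 127.0.0.0/8 (NXDOMAIN rewriting by a resolver) must not count as listings.
    if any(a in ERROR_RANGE or a not in LISTING_RANGE for a in addrs):
        return "error"
    return "listed"

def check_ip(ip, zones=DNSBL_ZONES, resolve=system_resolver):
    """Map each zone to 'listed', 'clean' or 'error' for one sending IP."""
    return {zone: classify(resolve(dnsbl_query_name(ip, zone))) for zone in zones}

# Constructed answers so the demo runs offline; 192.0.2.10 is a documentation IP.
CONSTRUCTED_ANSWERS = {
    "10.2.0.192.bl.spamcop.net": ["127.0.0.2"],
    "10.2.0.192.zen.spamhaus.org": ["127.255.255.254"],
}

if __name__ == "__main__":
    fake = lambda name: CONSTRUCTED_ANSWERS.get(name, [])
    for zone, status in check_ip("192.0.2.10", resolve=fake).items():
        print(f"{zone}: {status}")
```

Call `check_ip()` without the `resolve` argument to query live DNS from a host that uses its own recursive resolver; an `error` result means the answer cannot be trusted either way.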
If you find yourself on a blocklist, here’s what you need to do to get delisted:
As a benefit of Mailgun’s Deliverability Service, we’ve automated the monitoring of all major blocklists to check them in real-time. Our team of experts will step in to deal with the blocklist providers directly.
Once you’ve reversed the damage to your IP and domain reputation, it’s time to reset the password for the compromised email account. Ensure that your new password is sufficiently strong, then strengthen your cybersecurity practices. Not quite sure how to prevent future leaks? Keep reading, and we’ll go over some tips in the section below.
Once you’ve gotten damage control out of the way, it’s time to think about how to prevent future leaks. Besides strengthening your security software, you can also:
Let’s go over each of these in detail below.
Anyone with access could have contributed to your credentials becoming compromised. You can check out our comprehensive security guide for some general advice on running your infrastructure in a secure configuration.
When hackers send spam with your credentials, it’s likely because your sensitive information got leaked in a public script. You’ll need to make sure only the right people can read your API keys. Luckily, with Mailgun, you can restrict access to your API keys and SMTP credentials by assigning specific roles to your users. The last thing you want is a well-intentioned non-dev sharing your secret keys without knowing what purpose they serve.
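A check like the following can run before a script is shared or committed, so a hard-coded key never reaches a public repository. It is an added example, not Mailgun tooling: the key pattern (`key-` plus 32 alphanumerics, as commonly used by secret scanners for legacy Mailgun keys), the SMTP password heuristic, the file name and the sample script are all assumptions or constructed values.

```python
import re

# Assumed patterns, not taken from the page: a legacy-style Mailgun API key and
# a generic heuristic for a quoted, hard-coded SMTP password assignment.
RULES = {
    "mailgun-api-key": re.compile(r"\bkey-[0-9a-zA-Z]{32}\b"),
    "smtp-password": re.compile(
        r"(?i)smtp[_-]?pass(?:word)?\b\s*[:=]\s*['\"]([^'\"\s]{8,})['\"]"),
}

def redact(secret):
    """Keep a short prefix so the finding is identifiable without re-leaking it."""
    return secret[:6] + "*" * (len(secret) - 6)

def scan_text(path, text):
    """Return (path, line_no, rule, redacted_secret) for each hard-coded secret."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            for match in pattern.finditer(line):
                # Use the captured value when the rule has a group, else the whole match.
                secret = match.group(match.lastindex or 0)
                findings.append((path, line_no, rule, redact(secret)))
    return findings

# Constructed sample script; none of these values are real credentials.
SAMPLE = '''\
import os, requests
API_KEY = "key-0123456789abcdef0123456789abcdef"   # constructed, hard-coded
SMTP_PASSWORD = os.environ["SMTP_PASSWORD"]        # read from the environment
smtp_pass = "constructed-Passw0rd"                 # constructed, hard-coded
'''

if __name__ == "__main__":
    for path, line_no, rule, shown in scan_text("send_mail.py", SAMPLE):
        print(f"{path}:{line_no}: {rule}: {shown}")
```

Any key the scan finds should be treated as already exposed and rotated, not just removed from the file.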
Enabling 2FA adds a few extra steps of protection, and since logging in involves a second external device or account, it’s a lot harder to compromise credentials. We recommend ensuring everyone on your team with access, not just administrators, has 2FA configured.
Check out our guide on 2FA to get up to speed. Or, if you’re feeling ambitious, work with your security team to implement multi-factor authentication.
Security is a big consideration when it comes to partnering with services. Make sure you’re choosing a service that provides effective support to act as a resource if you get in a bind.
And if you want additional peace of mind, Mailgun’s Deliverability Service might be a great fit for your email program. We partner you with one of our experts who will help you create and maintain a healthy email program.