Skip to content

Are your old email accounts secure? Microsoft report

A new security report from Microsoft shows how much is done to mislead and disrupt the upcoming US election plus a warning to everyone about the danger of leaving old email accounts unprotected.

The report is titled “Iran steps into US election 2024 with cyber-enabled influence operations” though it’s clear that both Russia and China are major players in disrupting elections with Iran doing their bit as well.

These intruders are using AI technology to manipulate images, rewrite and misrepresent facts and other spread false information.

Email security on old accounts

Without naming names, some senior US officials have been targeted with hacks into their email accounts. Some of those hacks have been successful.

One trick is getting into an old, now unused or little used, email account then sending phishing messages from there to others.  The receivers see an email from a known sender, unwittingly click on the malicious link which allows access to their account as well.

The Microsoft report is dense with more than a touch of corporate speak and AI influenced writing. Take this important section buried at the end of a long paragraph on page 3:

“ … senior policymakers should be cognizant of monitoring and following cybersecurity best practices even for legacy or archived infrastructure, as they can be ripe targets for threat actors seeking to collect intelligence, run cyber-enabled influence operations, or both.”

Which in human language means:

Follow good cybersecurity habits. Not just for your main email account but also old or stored systems. They can be easy targets for people looking to gather information, carry out online influence activities, or both.

It’s a good point for everyone.  Have you checked on that old email account – maybe the ISP based email, Yahoo, AOL or other address?  Either secure the account login or delete the account completely.

That especially applies in organizations which often has abandoned email accounts from staff who have left or moved to another position.  Those accounts may have to be kept for archiving, but the logins should be restricted to some Admin level access.

Busting the myth about Two-Factor Authentication

About this author

Office-Watch.com

Office Watch is the independent source of Microsoft Office news, tips and help since 1996. Don't miss our famous free newsletter.