Threat Intelligence Archives

How to Tell If Your Business Email Has Been Compromised

You may not notice it right away, but when a business email account gets compromised, the damage can escalate quickly. Cybercriminals aren’t always looking to lock you out or cause a scene. Sometimes, they’re happy to quietly monitor your inbox — watching, waiting, and gathering information they can use to exploit your company or your clients.

That’s why it’s critical to recognize the warning signs early. The sooner you know something’s wrong, the faster you can contain the threat, reset credentials, and prevent further damage.

an employee trying to tell if his business has been compromised

Why Email Is a Prime Target

Email is the front door to your business. It’s where invoices are sent, credentials are reset, client conversations are stored, and sensitive documents are shared. That makes it a high-value target for attackers — especially in industries like law, finance, and healthcare.

Unfortunately, most business email accounts (especially those using Microsoft 365 or Google Workspace) can be accessed from anywhere in the world if the credentials fall into the wrong hands. And with phishing kits and credential-stuffing tools readily available online, it’s easier than ever for attackers to break in quietly.

Warning Signs You Shouldn’t Ignore

While every attack looks different, there are a few common red flags that often point to email compromise:

You start receiving unexpected password reset requests or MFA prompts
Clients or colleagues say they received suspicious emails from your address
You see login alerts from unfamiliar locations or devices
Emails you never saw are sitting in your Sent or Deleted folders
Rules appear in your inbox that forward, delete, or move messages without your knowledge

These subtle signs are easy to miss, especially if your day-to-day email habits don’t change. But they often indicate that someone else has gained access — and may already be using your account as a launch point for further attacks.

What to Do If You Suspect a Breach

If you notice anything out of the ordinary, don’t wait. Start by resetting the account password, removing any unknown forwarding rules, and checking for suspicious sign-in activity. If you use Microsoft 365 or Google Workspace, access the admin center to review login logs and recent activity. It’s also important to notify your IT provider, even if you’re unsure — it’s always better to investigate a false alarm than ignore a real one.

And if your email doesn’t currently have multi-factor authentication (MFA) enabled, consider that a top priority. It’s one of the simplest and most effective ways to stop unauthorized access — even if your password is compromised.

Get a Free Security Check

Worried that your email account may have been compromised — or want help tightening things up before it happens? Cost+ offers a free security check that can identify vulnerabilities, scan for threats, and give you a clear path forward.

Schedule your free check today and take back control of your inbox.

5 Things to Back Up in Microsoft 365 That Most Businesses Forget

Microsoft 365 has become the default productivity platform for businesses of all sizes — and with good reason. It’s powerful, flexible, and packed with tools that keep teams connected. But there’s a common and dangerous misconception about Microsoft 365: that everything is automatically backed up.

It’s not.

While Microsoft protects your data from things like infrastructure failures and short-term glitches, it’s not responsible for all the things that can go wrong on your end — like accidental deletions, overwrites, security breaches, or long-term data retention needs.

If you assume Microsoft 365 has it all covered, you’re likely missing some critical pieces.

What Most Businesses Overlook

You might think email is covered (and to a point, it is), but what about documents stored in OneDrive? Shared data in Teams? Calendar entries? Without the right backups in place, recovering this information can be time-consuming — or impossible.

Here are five things in Microsoft 365 that often go unprotected:

Teams chats and shared files – Teams is now a central hub for collaboration, but messages and shared content can be lost or become inaccessible after account changes or deletions.
OneDrive files – If an employee leaves and their license is removed, their OneDrive files can be permanently deleted after a short window.
Shared mailboxes – These aren’t always backed up by default and can contain important client or internal communication.
Calendar data – Lost meeting records, appointments, or shared scheduling data can impact coordination — especially for teams handling client work or deadlines.
Deleted emails and folders – After the recycle bin period ends (typically 30 days), deleted content is gone for good unless a third-party backup is in place.

You Need More Than Built-In Retention

Microsoft 365’s retention policies are designed for short-term recovery — not full business continuity. If you’re handling sensitive data, managing multiple user accounts, or simply want peace of mind, a purpose-built backup solution is essential. It ensures you can recover lost or deleted content, comply with retention rules, and stay protected in the event of accidental or malicious data loss.

Get a Free Backup Check

Not sure what your current setup is actually backing up? At Cost+, we offer a free evaluation to identify gaps in your Microsoft 365 data protection. We’ll give you a clear picture of what’s covered — and what’s not — so you can make the right decision before it becomes a problem.

Book your free Microsoft 365 backup check today and protect what matters.

Get Started

Company

Consulting

About

Quick Links