What You Need To Know About Brute Force Login Attacks

October 9th, 2018
What You Need To Know About Brute Force Login Attacks


It’s not a secret. We now live in a world where cyber criminals work day in and day out to hack into small and medium sized businesses in an effort to make money. This practice has become a profession that’s quickly bringing businesses down.

Despite companies working hard to protect against these threats, hackers have developed ways to mimic user behavior as a means of gaining access to sensitive information. One of those ways are through brute force login attacks.

What is a Brute Force Login Attack?

In the tech world, a brute force email password attack is when hackers create an automated script that runs quietly in the background. The script guesses various passwords until the right one is found. The key here is that it’s a quiet program — so quiet, in fact, that software cannot detect what’s happening behind-the-scenes. This type of attack has been happening at an increasing rate on many different email providers.

Here’s How It Works

Hackers usually deploy a brute force attack in the following way:

  • Hackers scour the records of hosts to find out which businesses are using certain email providers they are targeting
  • Scripts are then created to start the brute force login process - continuously guessing passwords systematically with the use of scripts.
  • Once in, hackers set up rules to redirect email to another account. The hackers then delete the forwarded email from the sent and deleted items, making it undetectable by the end user that they’ve been hacked.
  • The hacker monitors the account and makes a decision of when to execute an attack.

Attacks don’t just involve gathering sensitive data. These attacks are especially dangerous because the hackers use your account to send emails to your personal contacts with malicious links that generally contain ransomware. Customers or partners are more likely to open the email and links sent because they’ll appear to have come from you or your business. This now puts both your company's reputation, as well as your contact’s business in jeopardy.

Here’s How To Protect Your Business

Most providers know this risk exists, which is why they go to great lengths to secure their platform. However, there are certain things that you should do as well to ensure you’re fully protected. Here they are.

Force Your Team to Use Complex Passwords

One of the things that hackers bet on is that people will use obvious passwords, assuming a hack will never happen to them. The scripts look for patterns and test some of the most common passwords, such as 123456. By forcing your team to use complex passwords, you can help secure your entire network and protect your business from these threats.

Monitor Rules

Brute force attacks happen when the hackers set up a rule to work in the background, automatically forwarding emails to another account. These rules can be set up without alerting your email provider that the account has been breached because they’re a normal email function among business owners.

To stay protected, there are two things you can do. One option is to keep a close eye on your rules function, monitoring for any unusual forwarding rules that you and your team did not set up. The other option is to disable the forwarding function altogether. If it’s not a function you or your team uses, this is probably the best option.

Enable Two-Factor Authentication

Another way to protect yourself is to enable a two-factor authentication. This approach requires that anytime a person signs in, two steps must be taken to access the account. For example, in addition to entering a password, a person might need to type in a code that’s sent to the mobile phone on file. Adding this second layer makes it nearly impossible for the hacker to set up a brute force attack, which could derail their scheme and keep your account safe.

Deploy an Independent Third-Party Backup of Your Email

Adding in a third-party to the mix can make your account even safer. If a brute force attack happens, you can restore your business’s intelligence via a third-party. This approach can help speed the repairs of any damage done, getting you back online faster.

We’re Here to Help

You could be exposed to a brute force attack without knowing anything is amiss. That’s because a brute force attack occurs using similar usage patterns as a normal business would use. The best thing to do to keep your SMB protected is to follow the steps above. Talk to your managed IT service provider to help determine if your account has been breached and to take the necessary precautions to stay protected.