There has been an increase focussed brute force password attacks on email accounts (POP, IMAP, SMTP) across all servers. Once an account is compromised attacker modifies emails stored, setting and send huge spam affecting legitimate email delivery. We request all clients and staff to
- Use secure password for your email accounts. They should be a combination of UPPER case, lowercase letters, numbers, special characters and/or spaces
- Please donot create generic POP accounts such as email@example.com or firstname.lastname@example.org, as these are most sesuptable to attack. Instead create a forwarder to forward email sent to say email@example.com to firstname.lastname@example.org where email@example.com is the POP account.
- Use SSL/TLS secure POP authentication methods to access email from remote PC. We can now provide SSL/TLS on your domain-name in additional to server-name if need for corporate branding.
We are taking all steps to manage these attacks at server-level, but ask for you co-operation to defend against such vectors.