Business cyber safety guide

What to Do If Your Business Email Might Be Hacked

When business email may be hacked, the first aim is to secure access, preserve evidence and warn people who could be affected.

Quick answer: stop and verify using a trusted contact method before you pay, approve, reply or ignore warning signs.

Your IT & Tech Mates guide for Australian small businesses on what to do if business email might be hacked or sending suspicious messages.
Your IT & Tech Mates guide for Australian small businesses on what to do if business email might be hacked or sending suspicious messages.

Fast decision

PauseDo not rush payment or approval.
VerifyUse a known contact method.
RecordKeep a short evidence note.
EscalateAsk for help if risk remains.

What this means for a small business

When business email may be hacked, the first aim is to secure access, preserve evidence and warn people who could be affected.

Most business cyber problems become expensive when a normal-looking request is handled too quickly. A safer process gives staff permission to pause, check the source, and ask for help before money, access or sensitive information is exposed.

This guide uses fake examples only. It is designed to help you prepare a safer next step, not to collect private records or replace professional investigation.

Warning signs to check

  • Customers or suppliers received strange emails from your business.
  • Staff cannot find expected emails or notice deleted messages.
  • There are unknown inbox rules or forwarding rules.
  • Someone approved a login prompt they did not expect.

What to do now

  • Secure the account and review recovery details.
  • Check sent mail, rules, forwarding and delegates.
  • Warn customers or suppliers if they may receive fake payment instructions.
  • Review whether any payments or sensitive records were affected.
Safe next stepUse the related free tool to turn the warning signs into a plain-English action note for your business.

What not to do

  • Do not announce that everything is safe until the account has been reviewed.
  • Do not keep using the same device if you suspect malware.
  • Do not enter passwords through links in warning emails.
Money already sent?Contact your bank immediately. Then save the email, invoice, payment and verification details for review.

Related Business Cyber Safety links

FAQ

Is this a formal cyber audit?

No. This is a practical self-check guide, not a formal audit, investigation, certification or guarantee.

Should I share passwords or login codes?

No. Do not share passwords, login codes, banking passwords, card numbers or private customer records through this guide.

What if money has already been sent?

Contact your bank immediately. Then collect the invoice, email details and verification notes for review.

Updated