ChangemakerZ experienced email hijacking

Here at ChangemakerZ we created our professional email addresses back in November 2020. We were very excited because it was and it is a great opportunity to have a more professional look, better communications management, and a professional interface.

We want our email to be delivered as soon as possible and to prevent them from being flagged as Spam or go to the junk folder. This is why we are using advanced IT methods and the best global security protocols to ensure that our communications are encrypted, safe and reliable. An email is sent in less than 0.8 sec. Protocols like SMTP, IMAP, SPF, VSPF, TTL, SSL, DMARC, DMARC-TLS, etc. In addition to that, we are maintaining three different email servers: one for direct communications, one for marketing solutions (newsletters, updates, and more), and one for inter collaboration systems.

Even if we are running on the most dedicated email servers including AWS, Mailgun, and Google, with plenty of different security variables, we experienced a type of hijacking. Computer software was using masked Gmail addresses and it randomized email addresses under changemakerz.org network in order to take the personal data of our staff. Hopefully, we resolved the issue in less than 8 hours while there was no loss of data but this event made us think about what happened?

Well, while we have taken all the best measures to protect our inbox, we hadn't invested many resources to protect it from familiar scenarios like someone is reaching you pretending to be the CEO of your company, etc. Actually, there is no way to prevent this! You can only manually disable the reception of this type of communication when you have already experienced a successful receive of an email. This is why our development department made the filtering process of incoming communication even more strict with custom-made anti-phishing scenarios, which are working pretty well I have to say. This is automated system scans every incoming email for any previous banished patterns and it defends us against this thread. The email is received but our partner or team member never receives it in their inbox.

So what happens when this system fails? Well, in that case, our IT department always checks for any suspicious activity in the whole ChangemkerZ network and subsystems like ChangemakerZ Media and we always ensure that any type of hijacking won't happen again. In fact, we have doubled the tracking systems and the alert methods, just in case.

But, we always advise our staff to be very careful. If they receive something strange, they should report it or forward it to the IT department executive and of course, they have to check for the sender address as well.

Right now, we are working on a new identification method between intercommunication environments which will help everyone in the team to know when an email is authentic or not.


ChangemakerZ Organization

6099 Winfield Blvd

San Jose, California  95120





Copyright 2021© ChangemakerZ Organization - All rights reserved.

Whole logo white transparent .png

Designed by