FBI warns of hackers abusing email forwarding rules in recent attacks

FBI warns of hackers abusing email forwarding rules in recent attacks
Remote-working has seen wider use of web-based email services
Hackers have compromised web-based email systems to plant auto-forwarding rules to help them scam businesses
The FBI has warned businesses of the threat posed by cybercriminals who create auto-forwarding rules on their victims' web-based email services, in an attempt to make them more susceptible to Business Email Compromise (BEC).
According to an industry alert issued by the FBI last week, and first reported by ZDNet, the problem has become worse with the huge shift towards remote working seen at many businesses following the COVID-19 pandemic.
With email auto-forwarding rules in place, criminals hope to conceal their activities from their victims, and those tasked with protecting staff.
To make its point, the FBI described two incidents - both of which took place in August - where fraudsters had exploited auto-forwarding email rules for their own gain.
In the first example, the FBI described how cybercriminals managed to create auto-forwarding rules at the recently upgraded webmail client of a US-based medical equipment company.
Unfortunately, the company's webmail settings did not sync with the firm's desktop client, meaning that the firm's security team had no visibility on the auto-forwarding rules running on the web app.
According to the FBI, hackers gained access to the company's network and posing as a known international vendor ultimately tricked their corporate victim into paying them $175,000.
In the second example described by the FBI, the same hacking gang created three auto-forwarding rules at the web-based email system used by an unnamed manufacturing company: 
"The first rule auto-forwarded any emails with the search terms "bank," "payment," "invoice," "wire," or "check" to the cyber c ..

Support the originator by clicking the read the rest link below.