FBI Warns of Email Forwarding Rules Being Abused in Recent Hacks

The US Federal Bureau of Investigation says that cyber-criminals are increasingly relying on email forwarding rules in order to disguise their presence inside hacked email accounts. From a report: In a PIN (Private Industry Notification) alert sent last week and made public today, the FBI says the technique has been seen and abused in recent BEC (Business Email Compromise) attacks reported over the summer. The hackers’ technique relies on a feature found in some email services called “auto-forwarding email rules.” As its name implies, the feature allows the owner of an email address to set up “rules” that forward (redirect) an incoming email to another address if a certain criteria is met. Threat actors absolutely love email auto-forwarding rules as they allow them to receive copies of all incoming emails without having to log into an account each day — and be at risk of triggering a security warning for a suspicious login.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

twenty − 12 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.