The Federal Bureau of Investigation is warning US companies about scammers who are taking advantage of email auto-forwarding. If the tactic succeeds, the victim falls right into the trap of a business email compromise (BEC) attack.
The warning was issued through a joint Private Industry Notification (PIN) and coordinated with DHS-CISA. BEC attackers are most famous for compromising business email accounts with the end goal of redirecting payments to themselves. These cybercriminals use email rules on web-based email clients to hide their activity while also impersonating employees.
These types of costly tactics could potentially force companies to go out of business. "According to recent FBI reporting, cybercriminals are implementing auto-forwarding rules on victims’ web-based email clients to conceal their activities," the FBI said in a statement.
Source: Bleeping Computer
The FBI advises IT admins to prohibit automatic forwarding of email to external addresses. This measure could fully block any incoming BEC attacks. It's also important for your users to be educated about BEC attacks. Preventative measures such as new-school security awareness training can help users learn how to actively report any suspected compromise.
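As an added example (not from the FBI notification or the original article), the Python audit below flags enabled mailbox rules that forward to addresses outside the organization. The rule export format, its field names and the domains are constructed assumptions, not any mail provider's schema.

```python
from email.utils import getaddresses

# Assumption: domains the organization owns; anything else counts as external.
INTERNAL_DOMAINS = {"example.com"}

# Constructed sample export; field names are hypothetical, not a vendor schema.
SAMPLE_RULES = [
    {"mailbox": "ap@example.com", "name": "Archive", "forward_to": ["archive@example.com"], "enabled": True},
    {"mailbox": "cfo@example.com", "name": ".", "forward_to": ["Pay <inbox@mail.example.net>"], "enabled": True},
    {"mailbox": "hr@example.com", "name": "Sync", "forward_to": ["hr@eu.example.com", "x@EXAMPLE.ORG"], "enabled": True},
    {"mailbox": "it@example.com", "name": "Old", "forward_to": ["it@example.org"], "enabled": False},
    {"mailbox": "ops@example.com", "name": "Bad", "forward_to": ["not-an-address"], "enabled": True},
]

def is_internal(domain, internal=INTERNAL_DOMAINS):
    """True if domain is an internal domain or a subdomain of one."""
    domain = domain.lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d) for d in internal)

def external_targets(rule, internal=INTERNAL_DOMAINS):
    """Return the forwarding targets of one rule that leave the organization."""
    flagged = []
    for _, addr in getaddresses(rule.get("forward_to", [])):
        local, sep, domain = addr.rpartition("@")
        # Unparseable targets are flagged too: they cannot be shown to be internal.
        if not sep or not local or not domain or not is_internal(domain, internal):
            flagged.append(addr.lower())
    return flagged

def audit(rules, internal=INTERNAL_DOMAINS):
    """List (mailbox, rule name, external targets) for enabled rules only."""
    findings = []
    for rule in rules:
        if not rule.get("enabled", True):
            continue  # disabled rules forward nothing right now
        targets = external_targets(rule, internal)
        if targets:
            findings.append((rule["mailbox"], rule["name"], targets))
    return findings

if __name__ == "__main__":
    for mailbox, name, targets in audit(SAMPLE_RULES):
        print(f"{mailbox}: rule {name!r} forwards externally to {', '.join(targets)}")
```
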
Bleeping Computer has the full story.