.jpg?width=300&name=iStock-505252961%20(1).jpg)
The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business email compromise (BEC) attack.
The warning was issued through a joint Private Industry Notification (PIN) and coordinated with DHS-CISA. BEC attackers are most famous for compromising business email accounts with the end goal of redirecting payments back to them. These cybercriminals used email rules to target web-based email clients to hide their activity while also impersonating employees.
These types of costly tactics could potentially force companies to go out of business."According to recent FBI reporting, cybercriminals are implementing auto-forwarding rules on victims’ web-based email clients to conceal their activities," the FBI released in a statement.
.jpg?width=515&name=image002%20(2).jpg)
Source: Bleeping Computer
The FBI advises IT admins to prohibit automatic forwarding to any email or external addresses. This measure could fully block any incoming BEC attacks. It's also important for your users to be educated about BEC attacks. Preventative measures such as new-school security awareness training can help users to how to actively report any suspected compromise.
Bleeping Computer has the full story.
CEO fraud has ruined the careers of many executives and loyal employees, causing over $26 billion in losses. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.
