FBI: Business Email Compromise Attacks Abuse Email Auto-Forwarding
Health IT Security
The FBI recently released a joint Private Industry Notification, warning organizations that hackers are actively abusing email auto-forwarding on web-based email clients during business email compromise (BEC) attacks to hide successful system breaches from victims.
The use of web-based email clients rapidly expanded across all sectors in light of expanded telework amid the pandemic. In typical fashion, attackers have been targeting these platforms to take advantage of the increased traffic.
The sophisticated BEC scams target any organization that performs electronic payments. In its initial stages, the hacker will compromise an enterprise email account using social engineering or other network intrusion tactics.
Once access is gained...