FBI: BEC Scammers Could Abuse Email Auto-Forwarding

  /     /     /  
Publicated : 23/11/2024   Category : security


FBI: BEC Scammers Could Abuse Email Auto-Forwarding


Private Industry Notification warns of the role email auto-forwarding could be used in business email compromise attacks.



The FBIs Cyber Division has issued a Private Industry Notification (PIN) warning companies of the risks posed by auto-forwarding email rules. PIN 20201125-001 explains that the shift to working from home has raised the risk inherent in many email vulnerabilities, but that auto-forwarding threats are particularly serious because the results can be unseen by employees and security teams until long after a breach has occurred.
In the PIN, which was coordinated with DHS-CISA, the FBI gives examples of how auto-forwarding rules can be exploited to make more effective business email compromise (BEC) attacks. They make special note of the differences that can exist between the ways that auto-forwarding rules are entered and enforced on Web pages and email clients. Those differences can be the stress points that attackers hit to gain access to accounts and make fraudulent messages more believable.
Among the FBIs recommendations: make sure that email software versions are the same on email clients and Web browsers, and that auto-forwards to external email addresses are blocked.
For more, read
here
.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
FBI: BEC Scammers Could Abuse Email Auto-Forwarding