Inbox Rules: The Concealed Threat to Your Email Security and How to Counter It

2023-09-22 04:49:18

A new study shows that once a hacker has compromised an email account, they can use inbox rules to hide in plain sight, discreetly moving information out of your network through your inbox while hiding security warnings.

The Barracuda report reveals techniques such as establishing a rule to forward all emails containing sensitive and potentially lucrative keywords, such as “payment” or “confidential”, to an external address in order to steal information or money.

“Misuse of email inbox rules is a brilliantly effective attack tactic that allows for concealment and is easy to implement once an attacker has compromised an account,” says Prebh Dev Singh, responsible for managing email protection products at Barracuda. “Even though email detection has progressed over the years and the use of machine learning has made it easier to spot the creation of suspicious rules, our detection numbers show that attackers continue to implement this technique successfully. Creating malicious rules poses a serious threat to the integrity of an organization’s data and assets. As it is a post-compromise technique, it indicates that attackers are already present in your network. Immediate action is needed to get them out.”

For Business Email Compromise (BEC) attacks, setting up a rule that deletes all incoming emails from a certain colleague, such as the chief financial officer (CFO), keeps that colleague's genuine messages out of the victim's view. This allows attackers to pose as the CFO and send their colleagues fake emails to convince them to transfer company funds to a bank account controlled by the attackers.

What is worrying is that if the malicious rule is not spotted, it remains operational even if the victim’s password is changed, if multi-factor authentication is turned on, if other strict conditional access policies are imposed, or if their computer is completely rebuilt. As long as the rule remains in place, it remains effective.
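A defender can look for the two rule patterns described above (keyword-triggered forwarding to an external address, and deletion of mail from a specific colleague) by auditing an export of mailbox rules. The following is an added example, not taken from the Barracuda report: the rule schema (`forward_to`, `keywords`, `delete`, `from_senders`), the internal domain and the sample rules are all constructed assumptions.

```python
# Added example: audit exported inbox rules for the patterns the article describes.
# The rule schema and every value below are constructed for illustration.
INTERNAL_DOMAINS = {"example.com"}               # assumption: your own mail domains
SENSITIVE_KEYWORDS = {"payment", "confidential"}  # the keywords named in the article


def domain(addr):
    """Return the lower-cased domain part of an email address."""
    return addr.rsplit("@", 1)[-1].lower()


def audit_rule(rule):
    """Return a list of findings for one rule (empty list means nothing flagged)."""
    findings = []
    external = [a for a in rule.get("forward_to", [])
                if domain(a) not in INTERNAL_DOMAINS]
    keywords = {k.lower() for k in rule.get("keywords", [])}
    if external:
        findings.append("forwards to external address: " + ", ".join(external))
        hits = sorted(keywords & SENSITIVE_KEYWORDS)
        if hits:
            findings.append("forwarding keyed on sensitive keywords: " + ", ".join(hits))
    # A delete rule scoped to named senders matches the BEC pattern above.
    if rule.get("delete") and rule.get("from_senders"):
        findings.append("deletes mail from specific sender(s): "
                        + ", ".join(rule["from_senders"]))
    return findings


def audit_mailbox(rules):
    """Map rule name -> findings, for rules with at least one finding."""
    return {r["name"]: f for r in rules if (f := audit_rule(r))}


# Constructed sample export: two benign rules, two suspicious ones.
SAMPLE_RULES = [
    {"name": "Archive newsletters", "keywords": ["newsletter"]},
    {"name": "To assistant", "forward_to": ["assistant@example.com"],
     "keywords": ["payment"]},
    {"name": ".", "forward_to": ["drop@mail.example.net"],
     "keywords": ["Payment", "confidential"]},
    {"name": "cleanup", "delete": True, "from_senders": ["cfo@example.com"]},
]

if __name__ == "__main__":
    for name, findings in audit_mailbox(SAMPLE_RULES).items():
        print(f"{name!r}: " + "; ".join(findings))
```

Because such a rule survives a password change, the same audit belongs in account recovery after a compromise, not only in routine monitoring.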

Source: Barracuda Report
