DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Security

Attackers Misusing Email Inbox Rules

DigitalCIO Bureau by DigitalCIO Bureau
September 22, 2023
in Security, Tech News
0
Attackers Misusing Email Inbox Rules
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Barracuda has unveiled a new Threat Spotlight, that shows how attackers can misuse inbox rules in a successfully compromised account to evade detection while they – among other things – quietly move information out of the corporate network via the breached inbox. Not only this, but attacks can also ensure that the victims don’t see security warnings, file selected messages in obscure folders so the victim won’t easily find them or delete messages from the senior executive they are pretending to be in an attempt to extract money.

“The abuse of email inbox rules is a brilliantly effective attack tactic that provides stealth and is easy to implement once an attacker has compromised an account,” said Prebh Dev Singh, Manager, Email Protection Product Management at Barracuda. “Even though email detection has advanced over the years, and the use of machine learning has made it easier to spot suspicious rule creation – our detection numbers show that attackers continue to implement this technique with success. Malicious rule creation poses a serious threat to the integrity of an organization’s data and assets. Because it is a post-compromise technique, it’s a sign that that attackers are already in your network. Immediate action is required to get them out.”

Speaking on this issue, Parag Khurana, Country Manager, Barracuda Networks (India) Pvt Ltd, commented on the efficacy of this attack methodology: “The abuse of email inbox rules offers attackers both stealth and ease of execution once they compromise an account. In the Indian context, where cybersecurity challenges are constantly evolving, it is imperative that organizations adopt advanced defense measures and robust email security strategies to safeguard against threats. Barracuda remains committed to assisting Indian businesses in their cybersecurity journey, providing cutting-edge solutions to thwart attacks and protect data.”

The Clandestine Potential of Email Inbox Rules

Once an attacker successfully breaches a victim’s email account, they can create automated email rules to establish persistent access to the inbox. These rules can empower attackers to – Steal Information or Money: Attackers can configure rules to forward emails containing sensitive keywords like “payment” or “confidential” to external addresses, enabling them to purloin valuable information or funds while evading detection.

Conceal Inbound Emails: By relocating crucial inbound emails such as security alerts to obscure folders or erasing them, attackers can ensure victims remain oblivious to potential threats or command-and-control communications. Gather Intelligence: Attackers can surveil victims’ activities and amass intelligence on individuals and organizations, potentially for use in subsequent exploits or operations.

Facilitate Business Email Compromise (BEC): In the case of attacks on businesses, perpetrators may set rules to delete incoming emails from specific colleagues, enabling them to impersonate key figures like the CFO and deceive colleagues into transferring funds to accounts controlled by the attackers.

Notably, these malicious rules can persist even if the victim changes their password, activates multi-factor authentication, or imposes stringent access policies. As long as the rule remains undetected, it poses a substantial threat.

Effective Defense Measures Against Malicious Email Inbox Rules

Prevention remains the most effective protection against the exploitation of email inbox rules. Detecting and mitigating the repercussions of breached accounts necessitates comprehensive measures, including: Comprehensive Visibility: Organizations need insight into every action occurring within employees’ inboxes, encompassing rule creation, modifications, logon history, email context, and more. AI-Based Protection: Leveraging artificial intelligence, organizations can construct intelligent user profiles to discern subtle irregularities and promptly flag them for attention. Impersonation Protection: Employing multiple signals, including login and email data, to pinpoint account takeover attempts. Extended Detection and Response (XDR): Solutions such as Barracuda’s XDR Cloud Security, coupled with round-the-clock monitoring by a Security Operations Center (SOC), ensure that even deeply concealed and camouflaged activities are detected and neutralized.

 

Tags: Barracuda
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Nvidia working on customized version of its H20 chip for China

by DigitalCIO Bureau
May 10, 2025
0
Nvidia working on customized version of its H20 chip for China

Nvidia intends to release a modified version of its H20 artificial intelligence chip for China within two months, reported Reuters citing sources. This will allow Nvidia to circumvent...

Read moreDetails

Wipro names Sandeep Dhar as Global Head of its GCC Practice

by DigitalCIO Bureau
May 9, 2025
0
Wipro names Sandeep Dhar as Global Head of its GCC Practice

Wipro Limited has announced the appointment of Sandeep Dhar as Global Head of its Global Capability Center (GCC) practice. Sandeep brings over 30 years of experience in the...

Read moreDetails

Responsive Report: AI Agents Drive Revenue Growth For Global B2B Enterprises

by DigitalCIO Bureau
May 9, 2025
0
CISOs Need to Champion AI TRiSM to Improve AI Results

Responsive, the global leader in AI-powered Strategic Response Management (SRM) software, in partnership with the Association of Proposal Management Professionals (APMP), today released its 2025 State of Strategic...

Read moreDetails

HCLTech Join Hands With CareAR And ServiceNow To Launch AR- Based IT Infrastructure Solution

by DigitalCIO Bureau
May 9, 2025
0
HCLTech Join Hands With CareAR And ServiceNow To Launch AR- Based IT Infrastructure Solution

HCLTech has launched an augmented reality (AR)-based infrastructure management solution in collaboration with CareAR and ServiceNow to enhance IT operations with augmented intelligence, real-time remote assistance and automation-driven workflows. HCLTech is...

Read moreDetails

Japanese users targeted in new phishing attack

by DigitalCIO Bureau
May 9, 2025
0
Phishing emails using Adobe InDesign on the rise, Barracuda Threat Spotlight reveals

Cybersecurity firm Proofpoint points to a new phishing attack called CoGUI that is primarily targeting Japanese companies and has a financial motive. Japanese authorities have recently warned of...

Read moreDetails
Next Post
Black Box Laucnhes Its New Center of Excellence

Black Box Laucnhes Its New Center of Excellence

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Infosys Foundation Signs MoU with Bangalore Metro

July 23, 2018

VIAVI and Select Vendor Partners Leading Evolution to Distributed Access Architecture

September 26, 2019

The New Indian Software Products Policy of India

March 1, 2019

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Dell Technologies Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Kyndryl Microsoft Netskope Nutanix Palo Alto Networks Panel Discussion Qlik Salesforce Schneider Electric ServiceNow Sophos Tenable Veeam Veeam Software Vertiv Webinars Whitepaper

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?