"FBI: BEC Scams Are Using Email Auto-Forwarding"
The FBI is warning that fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to conduct business email compromise (BEC) scams, which trick employees into sending them money under the guise of legitimate payments to third parties. This tactic is working because most organizations do not sync their web-based email client forwarding features with their desktop client counterparts. This limits system administrators' ability to detect suspicious activity and enables the fraudsters to send malicious emails from the compromised accounts without being detected. The FBI received nearly 24,000 BEC-related complaints in 2019, and the scams generated a total loss of $1.7 billion and an average loss per incident of about $72,000.

The FBI recommends several steps that organizations should take to mitigate BEC threats. Organizations should ensure that they run the same version of desktop and web applications to allow appropriate syncing and updates. Organizations should track changes established in email account addresses. Organizations should also prohibit automatic forwarding of emails to external addresses, and they should monitor email Exchange servers for changes in configuration and custom rules for specific accounts.
Healthcare Info Security reports: "FBI: BEC Scams Are Using Email Auto-Forwarding"
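
An added example, not part of the FBI notice or the original article: one way to act on the last two recommendations is to audit exported mailbox settings and inbox rules for forwarding targets outside the organization's own domains. The export layout, field names, and addresses below are constructed for illustration.

```python
# Assumption: domains the organization owns; record layout below is hypothetical.
INTERNAL_DOMAINS = {"example.com"}

# Constructed sample export: one record per mailbox, with its forwarding
# address (if any) and its inbox rules.
SAMPLE_EXPORT = [
    {"mailbox": "ap.clerk@example.com", "forwarding_address": None,
     "rules": [{"name": "invoices", "enabled": True,
                "forward_to": ["smtp:Collector@Mail-Example.NET"], "redirect_to": []}]},
    {"mailbox": "cfo@example.com", "forwarding_address": "smtp:assistant@corp.example.com",
     "rules": []},
    {"mailbox": "hr@example.com", "forwarding_address": None,
     "rules": [{"name": "old", "enabled": False,
                "forward_to": ["someone@example.org"], "redirect_to": []}]},
    {"mailbox": "sales@example.com", "forwarding_address": "backup@notexample.com",
     "rules": [{"name": "team", "enabled": True,
                "forward_to": [], "redirect_to": ["team@example.com"]}]},
]

def domain_of(address):
    """Return the lowercased domain of an address, dropping any 'smtp:' prefix."""
    addr = address.strip().lower()
    if addr.startswith("smtp:"):
        addr = addr[5:]
    return addr.rpartition("@")[2]

def is_external(address, internal=INTERNAL_DOMAINS):
    """True unless the domain is an internal domain or a subdomain of one."""
    dom = domain_of(address)
    return not any(dom == d or dom.endswith("." + d) for d in internal)

def find_external_forwarding(export, internal=INTERNAL_DOMAINS):
    """Return (mailbox, source, target, enabled) for every external forward target."""
    findings = []
    for box in export:
        fwd = box.get("forwarding_address")
        if fwd and is_external(fwd, internal):
            findings.append((box["mailbox"], "mailbox-setting", fwd, True))
        for rule in box.get("rules", []):
            for field in ("forward_to", "redirect_to"):
                for target in rule.get(field, []):
                    if is_external(target, internal):
                        # Disabled rules are reported too, flagged enabled=False for review.
                        findings.append((box["mailbox"], f"rule:{rule['name']}",
                                         target, rule.get("enabled", False)))
    return findings
```

Comparing successive runs of such an audit also surfaces newly created rules, which is the change monitoring the recommendations call for.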