Attackers exploit inbox rules to avoid detection

New research shows that if an attacker has compromised an email account they can use inbox rules to hide in plain sight while they quietly move information out of your network via your inbox and hide security warnings. The report from Barracuda reveals techniques including setting a rule to forward to an external address all emails containing sensitive and potentially lucrative key words such as 'payment' or 'confidential' to steal information or money. 'The abuse of email inbox rules is a brilliantly effective attack tactic that provides stealth and is easy to implement once an attacker has compromised an account,'… [Continue Reading]