The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
"While IT personnel traditionally implement auto-alerts through security monitoring appliances to alert when rule updates appear on their networks, such alerts can miss updates on remote workstations using web-based email," says the FBI.