palletcentral

PalletCentral • July-August 2022 19 Be aware of the new wave of fraud: malicious email rules forwards your emails to scammers. What are Email Rules? Email rules are based on if-then conditions. If this happens, then do this. Here are a few examples: If email is received from ABC, move it to the "Important" folder If an email is received, send it to abc@123 dot com If email is received from ABC, send a copy to abc@123 dot com Rules are tools to help manage an inbox. But, as in this case, rules were used by criminals to receive a copy of the emails received by the victim. How Did this Happen? ere are a few ways that criminals can add rules to your email account. 1. Clicking on a link in a phishing email 2. Opening an attachment in a phishing email Most of the time the email comes from an existing contact, or an organization known to you. When you click on the link or try to open the attachment, it may appear that link doesn't do anything. However, at the same time, a fake Outlook or Gmail login page requests your account credentials. When the credentials are entered, the login fails but the hacker has automatically installed the email forwarding rule in the email account. ere are different versions of this. Some of the emails may pretend to be from the email service, like Outlook or Gmail, saying a password change was initiated on your account and if you didn't do it, you are supposed to click the link. Others may claim to be Amazon confirming an expensive purchase. All the emails are designed to get you to click the link and enter your email account login credentials. Stealthiness is Dangerous e dangerous part of this scam is that it could go undetected for years. Or, as in this case, until the fake email box became full, triggering the undeliverable response. Without receiving that reply, the email rule could have remained undetected. Since we don't know how long the email rule was in place, it's hard to determine what information the scammer received in the forwarded emails.

• Cover