IKEA Suffering Ongoing “Reply-Chain” Email Attack

By   ISBuzz Team
Writer , Information Security Buzz | Dec 01, 2021 05:27 am PST

BACKGROUND:

IKEA is suffering an email phishing attack using both internal and compromised partner reply-chain emails. In internal emails viewed by Bleeping computer, IKE warned employees of the ongoing attack and evidence suggests that the attack may be spreading the Emotet or Qbot trojans. IKEA email excerpts:

“There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA,”

“This means that the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask you to be extra cautious.”

“Our email filters can identify some of the malicious emails and quarantine them. Due to that the email could be a reply to an ongoing conversation, it’s easy to think that the email filter made a mistake and release the email from quarantine. We are therefore until further notice disabling the possibility for everyone to release emails from quarantine,” IKEA communicated to employees.”