IKEA faces a cyberattack, wherein hackers use internal emails of its employees to target other folks from the workforce.
(Photo : by THOMAS SAMSON/AFP via Getty Images)
A picture taken on May 6, 2019 shows a logo at the new city-centre Ikea concept store at Place Madeleine in Paris. – Ikea opened a new city-centre concept store in Paris on May 6 as the Swedish furniture giant tries a new strategy for winning over urban consumers that will be rolled out internationally this year.
IKEA Hack: Ongoing Cyberattack
As per the report by Bleeping Computer, the news outlet got a first look at the internal emails of IKEA, wherein it went on to warn its employees regarding a reply-chain phishing cyberattack among their emails.
According to Sentinel One, email reply-chain phishing begins by taking over a legitimate email account to send malicious emails to its contact lists. In turn, the malicious email further spreads, in this case, to the internal emails of IKEA.
The IKEA email memo seen by the cyber security publication reads: “There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes.”
On top of that, the phishing campaign is not only targeting the direct workforce of the Swedish retail firm. In fact, even other IKEA-related organizations, as well as their partners in business, also receive malicious emails in their inboxes.
The Swedish firm further disclosed that “other IKEA organizations, suppliers, and business partners are compromised by the same attack.”
IKEA Cyberattack Using Internal Emails
The retail giant went on to explain the ongoing phishing attack, noting that the malicious email from the threat actors could come from your co-workers and even those outside IKEA.
Not to mention that given that some internal emails got stolen, the hackers could even reply to existing email threads as well.
As such, IKEA urged its workforce and business partners to be “extra cautious” as the phishing attack makes it hard for them to detect malicious messages.
However, the retail giant’s warning noted that the malicious emails within the ongoing cyberattack have something in common: the links inside the emails contain seven-digit numbers at the end.
But still, the IT team of IKEA further asked employees to refrain from opening any emails–whether it came from their close friend at work or their boss.
Instead, the IT team asked employees to report all of the emails that they are receiving from their internal emails to the said department of IKEA.
Read Also: Toronto Transit Commission Suffers From Massive Cyberattack-Exposing 25,000 Employee Names, Addresses, and SIN
IKEA’s Email Spam Filters
Meanwhile, IKEA also told its employees that existing email spamming filters could help hide some of the malicious emails and quarantine them to prevent further spreading.
However, cyberattackers are trying to use existing conversations within the internal emails to avoid the filtering system.
Bleeping Computer said in the same report that IKEA has yet to provide its statement. Also, it is to note that the retail giant has yet to disclose the internal cyberattack to any of its platforms publicly.
For now, the cyber attack information is solely based on the internal emails that the news outlet got to see.
Meanwhile, last Nov. 22, the Federal Bureau of Investigation or the FBI, and the Cybersecurity and Infrastructure Security Agency or the CISA issued a joint statement, warning everyone to stay extra cautious during the holidays as massive ransomware attacks usually occur during this time.
Related Article: Cyberattack That Targeted N.L. Healthcare In Canada Is The Worst In Canadian History
This article is owned by Tech Times
Written by Teejay Boris
ⓒ 2021 Techbyandroid.com All rights reserved. Do not reproduce without permission.