HomeUpdateWhy is the biggest furniture company in the world facing a crisis?

Why is the biggest furniture company in the world facing a crisis?


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 02/12/2021 by Nidhi Khandelwal

IKEA is fighting a hack in which threat actors are utilising stolen reply-chain emails to target employees in internal phishing assaults.

Threat actors steal authentic corporate email and then reply with links to malicious documents that install malware on recipients’ devices in a reply-chain email assault.

Why is the biggest furniture company in the world facing a crisis? 1

Because the reply-chain emails appear to be authentic company emails and are frequently sent from hacked email accounts and internal servers, users are more likely to trust the email and open the infected documents.

IKEA is warning employees about an ongoing reply-chain phishing cyber-attack targeting internal mailboxes in internal emails acquired by BleepingComputer. Other compromised IKEA companies and business partners are also sending these emails.

“Inter IKEA mailboxes are currently the subject of a cyber-attack. The same attack has infiltrated other IKEA organisations, suppliers, and business partners, who are circulating malicious emails to Inter IKEA employees “According to an internal email seen by BleepingComputer, it was sent to IKEA staff.

Why is the biggest furniture company in the world facing a crisis? 2

IKEA IT teams have issued a warning to employees that the reply-chain emails contain links with seven numbers at the conclusion, as illustrated below. Employees are also instructed not to open the emails, regardless of who sent them, and to immediately report them to the IT department.

Threat actors have recently started utilising the ProxyShell and ProxyLogin vulnerabilities to infiltrate internal Microsoft Exchange servers in order to launch phishing attacks.

They exploit internal Microsoft Exchange servers to launch reply-chain attacks against employees using stolen company emails after they acquire access to a server.

There is a higher level of trust that the emails are not harmful because they are sent from within hacked systems and existing email chains.

There’s also a risk that recipients will unintentionally release the dangerous phishing emails from quarantine, believing they were caught in filters by accident. As a result, they’ve disabled employees’ capacity to send emails until the incident is rectified.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...