Ongoing Phishing Attack Targets IKEA Employee Mailboxes To Spread Trojan


Homeware and furniture giant IKEA has suffered a cyberattack on its internal mailboxes. IKEA has warned its employees and other associated individuals about the ongoing phishing attack, asking them to stay wary of suspicious emails, even those from official accounts.

IKEA Mailboxes Under Phishing Attack

According to a recent report from Bleeping Computer, IKEA is suffering an ongoing phishing attack. Per the emails that the media site viewed, IKEA has warned its employees to stay cautious as the reply-chain attack targets mailboxes.

As mentioned in the emails, this attack can affect not only employees but also other related individuals.

“There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.”

IKEA has urged all employees not to open emails that include attachments and/or have URLs ending with seven digits. Instead, the recipients should report such emails to the IT department and ask the sender via Microsoft Teams chat to report too.
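The two indicators named in IKEA's notice (attachments, and URLs ending with seven digits) can be checked mechanically during mail triage. The Python below is an added example, not code from IKEA or Bleeping Computer; the function name `triage`, the reading of "seven digits" as a final run of exactly seven, and the sample message are constructed assumptions.

```python
import re
from email import message_from_string, policy

URL_RE = re.compile(r"""https?://[^\s"'<>]+""", re.I)
# Assumption: "ending with seven digits" means a final run of exactly 7 digits.
SEVEN_DIGITS_AT_END = re.compile(r"(?<!\d)\d{7}$")

def triage(raw: str) -> dict:
    """Check one raw RFC 5322 message against the two indicators in the notice."""
    msg = message_from_string(raw, policy=policy.default)
    urls, attachments = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.is_attachment():
            attachments.append(part.get_filename() or "(unnamed)")
        elif part.get_content_maintype() == "text":
            for url in URL_RE.findall(part.get_content()):
                url = url.rstrip(".,;:)]")  # drop trailing sentence punctuation
                if SEVEN_DIGITS_AT_END.search(url):
                    urls.append(url)
    return {
        # Reply headers matter because the lure arrives inside an existing thread.
        "reply_chain": bool(msg["In-Reply-To"] or msg["References"]),
        "seven_digit_urls": urls,
        "attachments": attachments,
        "flag": bool(urls or attachments),
    }

# Constructed sample message (not taken from the incident).
SAMPLE = """\
From: partner@supplier.example
Subject: RE: Delivery schedule
In-Reply-To: <constructed-1@company.example>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please open the document: https://files.example/view/4821937.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="schedule.zip"

constructed placeholder body
--b1--
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A flagged message that is also a reply in an existing thread is exactly the case where a user is tempted to trust it, so `reply_chain` is reported as context rather than used to clear the message.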

The company’s email filters may block some malicious emails. However, because the sender’s address appears legitimate, or because the email arrives as a response to a legitimate message, users may release such emails from quarantine. IKEA has therefore disabled the ability to release quarantined emails for now.

“Our email filters can identify some of the malicious emails and quarantine them. Due to that the email could be a reply to an ongoing conversation, it’s easy to think that the email filter made a mistake and release the email from quarantine. We are therefore until further notice disabling the possibility for everyone to release emails from quarantine.”

It currently remains unclear how the attack happened. Yet, Bleeping Computer notes that IKEA’s Microsoft Exchange servers might have been affected as well.

IKEA hasn’t explained what the phishing emails may lead to. However, the media source suspects that the Emotet or Qbot trojan is behind this attack.
