• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Facility, Network Security

Ikea Investigates Into Internal Email Hijacking Incident

Ikea is investigating into an internal email hijacking incident on its Microsoft Exchange Server, where victims received a genuine looking "reply all" email.

December 2, 2021 Alyssa Borelli Leave a Comment

IKEA EMAIL HIJACKING INCIDENT
filmbildfabrik/STOCK.ADOBE.COM

Multinational furniture maker Ikea announced it is investigating a cyber incident which took place on its Microsoft Exchange server. Malicious emails were sent around the company appearing to be a genuine “reply all” to an email chain, according to documents shared with BleepingComputer.

No customer data was compromised as result of the incident. Other Ikea businesses, partner and suppliers are said to be affected, according to BleepingComputer.

Email hijacking is a social engineering-led attack common among threat actors. The recent SquirrelWaffle malspam campaign utilized this technique where actors exploited an unpatched vulnerability in a Microsoft Exchange server to distribute a Qakbot malware payload.

An Ikea spokesperson told ITPro:

“Actions have been taken to prevent damages and a full-scale investigation is ongoing to seal and solve the issue. We take the matter very seriously as safeguarding personal data is a primary concern for Ikea. It is of our highest priority that Ikea customers, co-workers and business partners feel certain that their data is secured and handled correctly,” they added. “To ensure this, we use security technology to encrypt all personal information, including card numbers, addresses, and other information.”

Read: Top Malicious Email Phishing Techniques Used By Cybercriminals

Ikea has since told staff to be extra vigilant when monitoring their emails. The company is warning of emails that contain links with seven numbers at the end of them. The links lead to a download of a malicious Excel document, where victims are prompted to click “enable edit,” which then leads to the malicious payload.

Employees who come across these emails are being asked to report them instantly to the IT Team via Microsoft Teams so the sender’s address can be identified and blocked immediately.

Ikea says its email filters are seeing some degree of success in catching the phishing emails but couldn’t take the risk that a staffer wouldn’t mistakenly release the email from quarantine given the trusted source, according to ITPro.

Tagged With: email hijacking, Ikea, Microsoft Exchange Server

Related Content:

  • Zoom macOS Update Zoom on macOS Devices Now
  • DDoS, NETSCOUT Arbor Insight NETSCOUT Launches Arbor Insight for Enhanced DDoS Prevention
  • Video Production, Enterprise IT Modernizing Video Applications in Enterprise Environments
  • Zero Trust, ZTNA, Syxsense Syxsense Unveils New Module for Zero Trust Compliance

Free downloadable guide you may like:

  • Shadow ITBlueprint Series: How to Reduce Shadow IT

    The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Research finds that this distributed work environment is leading to IT management blind spots and shadow IT.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Shadow IT
Blueprint Series: How to Reduce Shadow IT

The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Resea...

Hybrid Work webinar
Featured Webcast: Collaboration 2.0 — Where Are We Now?

In this webinar, subject matter experts discuss the transformation of the workplace, the rise of hybrid workers, the importance of open connectivit...

guide to end user training cover
Pro Tips for Conducting End User Training

Effective trainings are the glue that can make the difference following a new technology implementation that your team has spent so much time, effo...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.