IKEA has recently been tackling phishing attacks towards its employees. The attacker uses stolen reply-chain emails to lure employees into a false sense of security and click malicious links.
Cyberattacks are becoming an everyday occurrence, and organizations worldwide are falling prey to meticulously-designed malicious attacks. In the case of Ikea, these links install harmful viruses and Trojans to the system. Since the email comes from a corporate reply chain, employees trust the source enough to interact with links within the email.
How is IKEA tackling the attack?
IKEA is scrambling to prevent any further damage due to these phishing attacks. They have already sent a company-wide email to warn their employees:
“There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organizations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA. This means that the attack can come via email from someone that you work with, from any external organization, and as a reply to an already ongoing conversation. It is therefore difficult to detect, for which we ask you to be extra cautious.”
IKEA is taking other measures to protect its servers and employees from attacks. One of these measures is to restrict the employees’ ability to send emails until the attack is resolved. They are also advised not to open any emails and report them to the IKEA IT team.
Prominent global organizations are always at risk of cyberattacks, but it becomes serious once a malicious actor gains access to a reply-chain email.
Unfortunately, there is no way to track down who has compromised the reply chain, and due to the legitimate nature of the emails, it has a better penetration rate.
Therefore, only time will tell how IKEA recovers from this attack and arms itself for a more secure future.