IKEA, the Swedish furniture brand, has been hit by a
cyber attack using reply-chain emails, Bleeping
Computer reports.
Reply-chain attacks occur when malefactors steal legitimate corporate emails and reply to them with malicious links. These lead to
documents that install malware, Bleeping Computer says.
The furniture brand has not publicly disclosed the attack. But Bleeping
Computer has obtained this corporate email sent to employees:
"There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA
organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.
"This means that
the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask
you to be extra cautious."
The report could not be independently confirmed at deadline.
Bleeping Computer notes that employees
tend to be more trusting of emails sent from internal compromised servers and existing email chains.