IKEA, the Swedish furniture brand, has been hit by a cyber attack using reply-chain emails, Bleeping Computer reports.
Reply-chain attacks occur when malefactors steal legitimate corporate emails and reply to them with malicious links. These lead to
documents that install malware, Bleeping Computer says.
The furniture brand has not publicly disclosed the attack. But Bleeping Computer has obtained this corporate email sent to employees:
"There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.
"This means that the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask you to be extra cautious."
The report could not be independently confirmed at deadline.
Bleeping Computer notes that employees tend to be more trusting of emails sent from internal compromised servers and existing email chains.