Phishing, Content

IKEA Email Cyberattack Involves Phishing, Extends to Supply Chain Partners


IKEA is battling an alleged reply-chain phishing attack that targets internal mailboxes, and the emails are also being sent from other compromised IKEA organizations and business partners, BleepingComputer reports.

The alleged attacks may involve compromised Microsoft Exchange on-premises servers, the report speculated.

IKEA is the world's largest furniture retailer. The company had roughly 422 stores across 50 countries as of March 2021.

IKEA Warning About Alleged Email Cyberattack

An IKEA email warning about the alleged attacks stated the following, BleepingComputer said:

"There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.

This means that the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask you to be extra cautious."

The message did not disclose the alleged attack's overall reach and potential fallout. As of November 28 at 3:40 p.m. ET, the IKEA newsroom had not publicly disclosed the attack.

How MSSPs Can Protect On-Premises Microsoft Exchange Servers

Microsoft and the CISA (Cybersecurity and Infrastructure Security Agency) have repeatedly warned IT professionals and MSSPs about on-premises Exchange Server vulnerabilities that need to be patched.

Huntress, an MDR (managed detection and response) security company focused on MSPs, offered this Exchange Server security guidance in April 2021.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.