1. Forum
  2. tqwNet
  3. TQW GENTECH

  • 'It's more common than you think': Experts reveal how hackers are

    From TechnologyDaily@1337:1/100 to All on Tuesday, April 14, 2026 17:00:24
    'It's more common than you think': Experts reveal how hackers are trying to hijack your inbox with these clever tactics

    Date:
    Tue, 14 Apr 2026 15:55:00 +0000

    Description:
    There is one specific feature hackers often use to maintain persistence and exfiltrate data.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Proofpoint highlights inbox rules as key persistence tactic in email breaches Attackers use rules to hide alerts, forward data, and bypass password changes ~10% of compromised accounts in Q4 2025 had malicious rules created within seconds of access When taking over a persons inbox, there is one specific, very popular technique cybercriminals use to maintain persistence, exfiltrate data without being spotted, and impersonate their victims - despite it not being malicious on its own,
    experts have warned.

    Security researchers Proofpoint published a report highlighting the use of inbox rules in cybercrime - automated instructions that sort, move, delete,
    or forward incoming messages based on specific conditions that the user sets up. While mailbox rules are designed to help users organize email , attackers leverage them to delete, hide, forward, or mark messages as read, silently controlling email flow without alerting the victim, Proofpoint warned.
    Article continues below You may like Watch out: hackers are hijacking Microsoft Teams messages to try and get access to your emails - here's what you need to look out for Microsoft SharePoint exploited to hack multiple energy firms Hackers target LinkedIn accounts with devious new phishing
    attack How to spot malicious rules It's more common than you think,
    Proofpoint said in its report. Analyzing email breaches that happened during Q4 2025, the researchers found that roughly 10% of compromised accounts had
    at least one malicious mailbox rule created shortly after initial access -
    and usually before any other malicious activity.

    In fact, in some cases the rules were created five seconds after the initial breach, showing just how important the technique is.

    Besides being able to monitor communications, hide security alert emails, or read 2FA codes, there is another important advantage to email rules - maintaining persistence even after the passwords are changed.

    If a victim realizes their account was compromised, and simply changes the password without deleting the rules, the attackers will keep their access regardless of the credentials change. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Spotting the rules is easy, though. They need to be named, and Proofpoint
    says going through the names once in a while is the best way to spot email account compromise. The usual names are . ..., ,, or similar.

    The report highlights enterprise users (especially finance, executives, and business-facing roles) as primary targets in business email compromise scenarios, along with university accounts (students, faculty, and dormant accounts). The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/its-more-common-than-you-think-experts- reveal-how-hackers-are-trying-to-hijack-your-inbox-with-these-clever-tactics


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)