Skip to main content

Battle of the Week - Data Exfiltration and Email Forwarding

The Battleground:

A Company’s Email Service 

The Presumption:  

Restricting access to what employees can do with emails sent to their inbox. 

The Discovery:  

InfusionPoints noticed that emails being sent to a user’s inbox were being forwarded to another email not within the company. This can easily leak sensitive data and knowledge about the company. Without having restrictions setup to prevent this then any information on emails is vulnerable to be used against the company or repurposed to send phishing emails. The analyst did notify the company about the email forwarding to confirm if any sensitive material was sent out. Luckily, the email forward didn’t contain any sensitive material. 

Our Solution:  

Restrict emailing services so sensitive emails do not go to a mailing address not within the company. If this is allowed, then keep a close eye on what emails are forwarded out. 

Lessons Learned: 

It is hard to keep information about your company internal, but one slip up is all it takes to ruin a company.