The fact that the fake email was not sent by the communication partner at all, but by unknown email servers under the control of the spammers, is usually not even recognizable for the layman. However, one should assume that email reply chain attacks are highly effective in their social engineering effect, since the fake reply to a real communication takes place and one usually knows the alleged communication partner very well. In 2021, there were several zero-day security vulnerabilities for on-premises hosted Exchange servers, which theoretically could have leaked the entire email communication if the Exchange servers were not patched or not patched in time.
While it was initially still possible to say that one of the communication partners must have been infected and the email must have leaked out via it, this is no longer necessarily the case today.
0 kommentar(er)
