Hackers have taken advantage of the candw.ky email platform to steal sensitive information from some email accounts, authorities said.
The Cayman Islands Cybersecurity Incident Response Team issued a warning recently that it had confirmed some individual email accounts had been hacked.
The cybersecurity group, part of the Information and Communications Technology Authority, does not know how attackers gained access to the email accounts, according to a press release. The regulator said the hackers use the “filter” function on the email platform to forward emails that include bank account numbers or other sensitive information.
“These filters cause emails which contain certain words (e.g. ‘account’, ‘payment’, ‘wire’, ‘password’) to be redirected to a third party,” the cybersecurity team notes in the statement.
The regulator advises candw.ky users to remove any filters from their accounts and change their passwords.
While it is unclear how the attackers got into the email accounts, the investigators suspect that hackers could have gotten passwords through scam emails that trick people into giving up their email account information or install malicious software.