I was just reading a web posting yesterday about how this activity occurred to a corp. user. Somehow malware had managed to change the bank account numbers in an outgoing e-mail and he had no clue how it happened. At least now, he has a clue. https://www.infosecurity-magazine.com/news/ropemaker-change-content-email/
eWeek has a few more details here: http://www.eweek.com/security/ropemaker-email-exploit-exposes-desktop-clients-to-security-risks along with the following mitigation I already use in my e-mail client: Also this tidbit: Mimecast has a whitepaper supposedly with all the details. Of course, you have to register for it.
Wow! The dangers of HTML email have been talked about since the 1990s...so nothing new here, except the CSS trickery. I suppose organizations have to use HTML email, I don't know... but home users can use a text-based email program. ---- rich
And "that's the rub" since the majority of phishing attacks, especially spear phishing ones, are targeted toward them. For home users, the mitigation for this should be directed to ISPs and e-mail providers since they are already scanning all incoming e-mails to their servers.
Bleepingcomputer.com has a lot more detail on the attack here: https://www.bleepingcomputer.com/ne...-attackers-change-your-emails-after-delivery/ Also this comment: