Email forwarding risk is the exposure created when messages are automatically redirected to another inbox, especially without appropriate control or visibility. It matters because forwarding can silently move sensitive information outside its intended boundary and help attackers maintain access after compromise.
What is Email Forwarding Risk?
Attackers often create forwarding rules to exfiltrate mail quietly from compromised mailboxes. Even legitimate forwarding can create compliance, retention, and data-governance issues when messages leave managed systems.
What Email Forwarding Risk Commonly Supports
Common uses include mailbox-compromise detection, email-governance policy, DLP review, and exfiltration monitoring.
Email Forwarding Risk vs. Contained Managed Mail Flow
Managed mail flow keeps messages within approved boundaries. Uncontrolled forwarding can create invisible leakage or persistence paths.
Frequently Asked Questions
Why are forwarding rules suspicious?
Because attackers use them to keep receiving messages without needing to log in constantly or alert the victim.
Is all forwarding bad?
No. Legitimate forwarding exists, but it needs governance, visibility, and risk review.
