The FBI is warning US companies about scammers actively abusing auto-forwarding rules on web-based email clients to increase the likelihood of successful Business Email Compromise (BEC) attacks. BEC scammers are known for using social engineering, phishing, or hacking to compromise business email accounts with the end goal of redirecting future or pending payments to bank accounts under their control. The FBI also warned private industry partners of threat actors abusing both Microsoft Office 365 and Google G Suite in BEC attacks in two separate notifications [1, 2]
Source: https://www.bleepingcomputer.com/news/security/fbi-warns-of-bec-scammers-using-email-auto-forwarding-in-attacks/