Phishing is a very popular method of cybercrime and there are many techniques hackers use. One technique in particular, conversation hijacking, has seen a recent spike. It hijacks email conversations to trick people into unwittingly installing malware, transferring money or handing over their login details.
In conversation-hijacking attacks, hackers infiltrate legitimate email threads between people by exploiting previously compromised credentials – likely purchased from the dark web, stolen or accessed via brute-force attacks. After gaining access to an account, the attacker will learn as much as possible about the victim by reading through their emails, on the look-out for any conversations or information that could be valuable. They will then insert themselves into conversations, making it look as if the victim is the one sending messages back and forth.
The idea behind this attack is that by using a real identity and by mimicking the language that person uses, the attack will look as if it is coming from a trusted source. This makes it more likely to succeed, and potentially very costly to individuals and organisations should they fall victim.
Cyber criminals are leaning hard on this attack technique in order to compromise businesses. In fact, a recent analysis of 500,000 emails by Barracuda Networks showed that conversation-hijacking rose by over 400% between July and November last year. While these types of attacks are still relatively rare, their personal nature makes them difficult to detect.
However, while conversation-hijacking attacks are more sophisticated and harder to recognise than other phishing attacks, they are not impossible to spot. We advise paying close attention to the email address that the message is being sent from and being suspicious if the domain is different to what you are used to seeing. You should also be wary of sudden demands for money or information. If in doubt, contact the person the email is from directly via a different channel, such as by phone, another email or in person.
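The sender-domain check described above can be automated over a thread's message headers. This is an added example, not from the original article; the sample messages, domains, function names and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Constructed sample thread (not real mail): the third message replies in-thread
# from a domain one character away from a known participant's domain.
SAMPLE_THREAD = [
    "From: Alice <alice@example-supplier.com>\nTo: bob@example-corp.com\n"
    "Subject: Invoice 1042\n\nInvoice attached.",
    "From: Bob <bob@example-corp.com>\nTo: alice@example-supplier.com\n"
    "Subject: Re: Invoice 1042\n\nThanks, will pay this week.",
    "From: Alice <alice@examp1e-supplier.com>\nTo: bob@example-corp.com\n"
    "Subject: Re: Invoice 1042\n\nOur bank details changed, use the new account.",
]

def header_domain(raw, header):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(message_from_string(raw).get(header, ""))
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def review_thread(raw_messages, lookalike_ratio=0.85):
    """Return (index, domain, reason) for senders not seen earlier in the thread."""
    findings, known = [], set()
    for i, raw in enumerate(raw_messages):
        dom = header_domain(raw, "From")
        if not dom:
            findings.append((i, dom, "missing-or-invalid-sender"))
            continue
        # The first message has no history, so it only seeds the known set.
        if i > 0 and dom not in known:
            # A near match to a known domain suggests deliberate impersonation.
            close = sorted(k for k in known
                           if SequenceMatcher(None, dom, k).ratio() >= lookalike_ratio)
            reason = f"lookalike-of:{close[0]}" if close else "new-domain"
            findings.append((i, dom, reason))
            continue  # never learn a flagged domain as trusted
        known.add(dom)
        # The (first) recipient of an accepted message is a participant too.
        to_dom = header_domain(raw, "To")
        if to_dom:
            known.add(to_dom)
    return findings

if __name__ == "__main__":
    for idx, dom, reason in review_thread(SAMPLE_THREAD):
        print(f"message {idx}: sender domain {dom!r} flagged ({reason})")
```

A message sent from the compromised mailbox itself carries the genuine domain and passes this check, which is why confirming unusual requests through a separate channel still matters.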
Companies can also protect employees from these types of attacks by implementing two-factor authentication. This adds an extra layer of protection so that even if someone’s login details are stolen or compromised, hackers will not be able to use them to conduct further attacks.
If you are worried about conversation-hijacking, or any other type of phishing attack, please contact our dedicated team now so we can advise you on how to protect yourself and your organisation from attacks.