Watch out for any out-of-the-ordinary links sent by people you know and trust. Researchers have observed a steep increase in phishing attacks that hijack legitimate accounts: attackers take over the account of someone you know and use it to send you phishing links, so they can steal passwords, steal money and deliver malware.

In a classic phishing attack, criminals send a large volume of email to many addresses in the hope that some victims will click a malicious link, download malware or hand over their passwords to a fake login portal. We have all received one; phishing has been a cybersecurity problem for a long time.

But there are different types of phishing attack, from the basic ones that say you have won a grand prize and should “click on the link” to claim it, to targeted campaigns that impersonate a legitimate account and have a specific victim in mind. It is the difference between fishing with a net and fishing with a pole: with a pole you expect to catch a bigger, more profitable fish. For example, it is common for cybercriminals to send emails to a company’s employees posing as the company’s CEO, in an attempt to trick them into following orders from their ‘boss’.

As a result, cybercriminals are increasingly looking for a specific person to exploit: someone with ongoing email conversations whose account can be used to send a phishing email to a friend or colleague who then takes the bait. Hijacking a conversation is potentially a far more effective way to trick victims, because the email comes from a trusted source and arrives as part of an existing thread. In other words, it does not look suspicious, unlike the basic phishing emails telling us we have won a prize.

Cybersecurity researchers at Barracuda Networks report that conversation hijacking attacks have jumped sharply, rising by 270% in 2021.

The attackers first take over the email account of an initial victim. They then use that account to lure further victims, tricking them into clicking links, downloading malware or revealing their passwords.

Once inside the account, the attackers go to great lengths to read existing email conversations and build a day-to-day picture of the victim’s activities and of who they correspond with, both internally and externally. They also learn how the business operates: who authorises payments, what the procedures are, and which business deals are in progress.

Once the cybercriminals have the information they need, they craft an authentic-looking email that reads as a natural continuation of the conversation. In other words, they ask the target to click a malicious link or open a malicious attachment, in the correct context of the ongoing discussion.

This takes the attackers considerably more time and effort per victim, but the monetary gain can make the deception well worth it.

Mike Flouton, VP of product management at Barracuda Networks, says “it can have a huge payout for cyber criminals…and growing because it’s very difficult to detect.”

Even though this type of phishing attack makes up only a small percentage of the overall volume, just 0.3%, it has a high success rate, so it is likely to become more common as more criminals adopt it.

Flouton says he “expects that the number of these instances will continue to grow in the coming years”.

It is possible to protect users from conversation hijacking attacks. Take these steps:

  • Use strong, unique passwords on every account, so that they cannot easily be cracked and a password leaked from one service does not unlock another.
  • Enable multi-factor authentication as a second layer of protection: an attacker who steals the password still needs the second factor to sign in. One-time codes can themselves be phished, so prefer phishing-resistant methods such as hardware security keys where they are available.
  • If a password is suspected of being stolen, change it immediately and sign out any active sessions on that account.
  • For organisations, apply account-takeover protection and monitor inboxes and networks for suspicious activity, in particular sign-ins that appear to come from a new location or a different time zone from the user’s normal pattern.
  • Train staff to recognise and report suspected phishing, including unexpected links or attachments that arrive inside an existing conversation with a known contact.
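The monitoring step above is easy to state and easy to get wrong in practice, so here is an added example of what that detection logic looks like when run over sign-in logs. This is illustrative code written for this page, not a Barracuda product or anything from the article’s sources. It assumes a pipe-separated sign-in log (timestamp, user, source country, client time-zone offset, result); the log lines are constructed for the example and the two-day baseline window and six-hour travel window are arbitrary thresholds that a real deployment would tune.

```python
"""Flag sign-ins that break a user's baseline: a new country, a new client
time-zone offset, or "impossible travel" between countries within a few hours.
Illustrative example; the log format and sample lines are constructed."""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample sign-in log (not real data). One login per line:
# ISO-8601 UTC timestamp | user | source country | client UTC offset (minutes) | result
SAMPLE_LOG = """\
2021-03-01T08:02:11Z|alice@example.com|GB|0|success
2021-03-02T08:15:40Z|alice@example.com|GB|0|success
2021-03-03T07:58:03Z|alice@example.com|GB|0|success
2021-03-04T02:41:27Z|alice@example.com|NG|60|success
2021-03-04T08:05:12Z|alice@example.com|GB|0|success
2021-03-01T09:10:00Z|bob@example.com|DE|60|success
2021-03-03T09:12:00Z|bob@example.com|DE|60|failure
2021-03-03T09:13:00Z|bob@example.com|DE|60|success
"""


@dataclass(frozen=True)
class SignIn:
    ts: datetime
    user: str
    country: str
    tz_offset_min: int
    success: bool


def parse_log(text: str) -> list[SignIn]:
    """Parse the pipe-separated log into SignIn records sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, country, offset, result = line.split("|")
        events.append(SignIn(datetime.fromisoformat(ts.replace("Z", "+00:00")),
                             user, country, int(offset), result == "success"))
    return sorted(events, key=lambda e: e.ts)


def detect_anomalies(events: list[SignIn], baseline_days: int = 2,
                     travel_window_hours: float = 6.0) -> list[tuple[str, datetime, str]]:
    """Return (user, timestamp, reason) for successful sign-ins that break the baseline.

    The baseline is learned only from each user's first `baseline_days` of logins;
    later sign-ins are judged against it and are NOT absorbed into it, so an
    attacker's first anomalous login does not quietly become "normal".
    """
    by_user: dict[str, list[SignIn]] = defaultdict(list)
    for e in events:
        if e.success:                      # failed attempts never establish a baseline
            by_user[e.user].append(e)

    findings = []
    for user, logins in by_user.items():
        baseline_end = logins[0].ts + timedelta(days=baseline_days)
        known_countries: set[str] = set()
        known_offsets: set[int] = set()
        prev = None
        for e in logins:
            if e.ts < baseline_end:
                known_countries.add(e.country)
                known_offsets.add(e.tz_offset_min)
            else:
                if e.country not in known_countries:
                    findings.append((user, e.ts, f"new country {e.country}"))
                if e.tz_offset_min not in known_offsets:
                    findings.append((user, e.ts,
                                     f"new time-zone offset {e.tz_offset_min:+d} min"))
            # Impossible travel: two countries within the travel window, baseline or not.
            if prev is not None and prev.country != e.country:
                gap = e.ts - prev.ts
                if gap < timedelta(hours=travel_window_hours):
                    hours = gap.total_seconds() / 3600
                    findings.append((user, e.ts,
                                     f"impossible travel {prev.country}->{e.country} in {hours:.1f} h"))
            prev = e
    return findings


if __name__ == "__main__":
    for user, ts, reason in detect_anomalies(parse_log(SAMPLE_LOG)):
        print(f"{ts.isoformat()}  {user}  {reason}")
```

On the sample data only alice is flagged: the 02:41 UTC sign-in from a country and time-zone offset she has never used, and then the return to GB five and a half hours later. Bob’s single failed attempt followed by a success from his usual location produces nothing, which is the point of learning a per-user baseline rather than alerting on every foreign IP.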

If conversation hijacking attacks are increasing because they work, then businesses and organisations also need a plan for dealing with an attack that succeeds.

Do you have a response plan that will help your business recover quickly? Has the plan been tried and tested? Is your business prepared for a cyberattack? If the answer to any of these is no, consider filling in your details below.
