Security company researchers warn of a large increase in conversation-hijacking attacks. Here's what they are and how to spot them.
January 16, 2020 By Danny Palmer
There's been a large rise in cyber criminals using a particular phishing technique to trick workers into unwittingly installing malware, transferring money or handing over their login credentials.
In conversation-hijacking attacks, hackers infiltrate real business email threads by exploiting previously compromised credentials –perhaps purchased on dark web forums, stolen or accessed via brute force attacks – before inserting themselves into the conversation in the guise of one of the group.
"Once they gain access to the account, attackers will spend time reading through conversations, researching their victims and looking for any deals or valuable conversations they can insert themselves," Don Maclennan, SVP for engineering and product at Barracuda Networks told ZDNet.