BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Hackers Increasingly Targeting Business Conversations

‘Conversation hijacking’ Seeks Sensitive Business Intelligence

Your employees probably know not to open unexpected file attachments or click on random links, but what if an attachment arrives as part of an email conversation with trusted colleagues?

Sophisticated hackers are using a technique known as “conversation hijacking” to insert themselves into business operations, gain insight into sensitive details, and exploit the information for financial gain. What should you know about this insidious form of cyberattack on businesses?

Conversation Jacking

Conversation Hijacking: Infiltrating Business Communications

New research indicates that the incidence of conversation hijacking increased by more than 400 percent in the second half of 2019 alone.

In a conversation hijacking attack, a hacker uses various methods for gaining access to business credentials — for instance, an email login. By using the phished information, the hacker then may join an existing email conversation by posing as someone already involved in the conversation.

Conversation hijacking attacks are mounted by hackers willing to invest significant time to gain access to sensitive information. The hacker may read through numerous emails and conduct research online to learn about business deals in progress or other potentially valuable information.

By gaining the trust of other people in the email thread, the hacker then can use a variety of techniques for gaining access to banking information and financial assets.

Forms of Conversation Hijacking

Conversation hijacking can take a number of different forms, with information coming from a range of different sources. Hackers may compromise email accounts through phishing or data breaches and use the stolen account information to stage account-takeover attacks.

A hacker then may spend time monitoring an email account — including ongoing message threads — to gain information about sensitive business details or financial arrangements. An attack may involve a hacker creating a fake domain similar to the real domains used by a company. In the case of domain impersonation, the goal is to create a domain similar enough to the real domain that unsuspecting employees click or download files without realizing the error.

Hackers also may impersonate the domain of a client, vendor or business partner to gain the trust of employees for the ultimate purpose of accessing financial accounts and information.

Protecting Your Business

Conversation hijacking can be more difficult to detect than other types of hacking, but you can take steps to protect your business, your employees and your clients and partners.

The most important step you can take is ensuring that your team members understand how conversation hijacking attacks work. They should always use caution when downloading files or clicking on links and take time to ensure that all information — including domain names — matches their expectations.

In addition, any requests for financial information or immediate payment should raise red flags and should be reported to your company’s accounting department. If an employee doubts the authenticity of an email, they can contact the sender by phone or by starting a new email thread with an email address known to be accurate. Employees also should report to your IT team any email conversations or other incidents that seem suspicious.

Additional security measures — including robust email filtering and inbox rules — also can help, and restricting macros within documents can limit the means for hackers to gain access to account information. Multi-factor authentication also can provide extra protection against sophisticated conversation hijacking attacks.

More Like This

AA21-265A: Conti Ransomware

Original release date: September 22, 2021 Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. See the ATT&CK …

AA21-265A: Conti Ransomware Read More »

Read More

Are You Planning to Download Windows 11 Free Update?

Are You Planning to Download Windows 11 Free Update? Here’s a Quick Guide Microsoft’s new operating system has generated considerable interest from users and tech experts. Windows 11 brings many key new features that enhance the overall user experience. From October 5, 2021, Microsoft will roll out the update to eligible Windows 7 and 10 …

Are You Planning to Download Windows 11 Free Update? Read More »

Read More

AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Original release date: September 16, 2021 Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for  referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States …

AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus Read More »

Read More

If You Own These Four Small Business Cisco Routers: It’s Time to Replace Them

If You Own These Four Small Business Cisco Routers: It’s Time to Replace Them A security flaw discovered in RV110W, RV130, RV130W, and RV215W Cisco routers creates significant vulnerabilities. Traditionally, these UPnP (universal plug and play) routers would receive security updates from the vendor. However, Cisco recently announced that it has no plans to release …

If You Own These Four Small Business Cisco Routers: It’s Time to Replace Them Read More »

Read More

Do You Want to Speed Up Your Computer?

Do You Want to Speed Up Your Computer? Here are Top Tips A slow computer can undermine productivity and become a source of frustration. Fortunately, there are several ways to boost speed and overall performance, irrespective of whether your computer is relatively new or older. You can achieve the desired performance by following specific tips …

Do You Want to Speed Up Your Computer? Read More »

Read More

AA21-243A: Ransomware Awareness for Holidays and Weekends

Original release date: August 31, 2021 Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and software. • Use strong passwords. • Use multi-factor authentication. …

AA21-243A: Ransomware Awareness for Holidays and Weekends Read More »

Read More