The lurking danger of hacked email reply chains


Although phishing has been around in various forms since the 1990s, recent news has shown that it continues to evolve – and remains a major threat. These days, phishing tactics are so sophisticated it can be difficult to spot a scam – particularly in the case of hijacked email reply chains.

This approach sees a cybercriminal gain access to a colleague or supplier’s email. The criminal jumps into a legitimate email conversation adding a fake message pushing malware.

What factors create trust?

Believability is the key difference between a regular phishing attack and a hijacked email chain. The criminals behind these campaigns take their time breaking into email accounts, watching business conversations, negotiations, and transactions. At the opportune time, they launch their attacks at plausible moments when the recipient’s guard is down. Most commonly, these attacks have been attributed to banking trojan campaigns, such as Ursnif or Gozi.

Read more…