Email Interception Attacks Are Becoming More Profitable for Hackers

By Ava McKinneyOnline Safety

Email Interception Attacks Are Becoming More Profitable for Hackers

Cybersecurity researchers have warned about a significant increase in email interception incidents. Cybercriminals are exploiting the accounts of trusted individuals to send phishing links that install malware on victims’ devices.

Phishing attacks have long been a major cybersecurity issue. These attacks range from simple scams—such as messages claiming the recipient has won a prize and needs to click a link to claim it—to highly targeted campaigns involving corporate emails sent with a specific goal. For example, cybercriminals often impersonate a company’s CEO to trick employees into following fraudulent instructions.

However, scammers are increasingly seeking to use legitimate user email accounts by hijacking ongoing conversations to send phishing emails. These conversation hijacking attacks can be especially effective because the email appears to come from a trusted source and is part of an existing dialogue, making it less suspicious.

According to cybersecurity researchers at Barracuda Networks, the number of conversation hijacking attacks increased by nearly 270% in 2021 alone. These attacks begin when criminals gain control over a victim’s email account, which they then use for malicious purposes.

Once they have access, attackers spend time reading emails and monitoring ongoing conversations to better understand the user’s daily activities, communication style, business operations, payment procedures, and potential deals. Cybercriminals use this information to craft authentic and convincing messages that appear in ongoing conversations, prompting users to click malicious links or download harmful attachments—all within the appropriate context.

Conversation hijacking attacks require more time and effort than standard phishing attempts, but for cybercriminals, patience can be extremely rewarding.

Fortunately, as with other phishing threats, users can protect themselves from this type of cyberattack. Strong passwords should be used for all accounts. Users are also encouraged to enable multi-factor authentication, which adds an extra layer of security against cybercriminals. Additionally, if there is any suspicion that a password has been stolen, it should be changed as soon as possible.

Leave a Reply