This phishing trick steals your email and then fools your friends into downloading malware

There’s been a spike in the number of cyber-attacks that hijack ongoing email conversations and turn them into a vehicle for delivering malware. In a conversation-hijacking attack, hackers manage to infiltrate a legitimate email thread between people and use highly customised phishing techniques to make it look as if a trusted participant is the one sending messages back and forth.

By ensuring that people believe they’re interacting with a person they trust — perhaps someone even within the same organisation — the scammers hope victims won’t be suspicious about downloading and opening attachments they might be sent as part of the conversation. That means victims can relatively easily be tricked into downloading malware.
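One defender-side heuristic for the risk described above, as an added example that is not part of the article or of AppRiver's research: walk a thread in chronological order and flag any reply that carries an attachment and comes from a sender domain that had not previously taken part in the conversation. The `Message` records, the sender addresses and domains, and the attachment names are all constructed for illustration; a reply sent from a genuinely compromised account in the same organisation will pass this check, so it complements rather than replaces attachment scanning.

```python
# Added example: a simple reply-chain heuristic for spotting conversation
# hijacking, written here for illustration; the message layout, addresses
# and attachment names are constructed, not taken from any real campaign.
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Message:
    msg_id: str
    sender: str                      # RFC 5322 From address
    in_reply_to: Optional[str]       # msg_id of the message being replied to, or None
    attachments: List[str] = field(default_factory=list)


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an email address."""
    return addr.rsplit("@", 1)[-1].lower()


def flag_suspicious_replies(thread: List[Message]) -> List[str]:
    """Return ids of replies that both carry an attachment and come from a
    domain that had not appeared earlier in the thread (e.g. a lookalike
    domain inserted into a hijacked conversation). Thread is chronological."""
    seen_domains = set()
    flagged = []
    for msg in thread:
        dom = domain_of(msg.sender)
        is_reply = msg.in_reply_to is not None
        if is_reply and msg.attachments and dom not in seen_domains:
            flagged.append(msg.msg_id)
        seen_domains.add(dom)
    return flagged


# Constructed sample thread: the fourth message is a reply from a lookalike
# domain ("partner-example.com" instead of "partner.example") with an attachment.
SAMPLE_THREAD = [
    Message("m1", "alice@example.com", None),
    Message("m2", "bob@partner.example", "m1"),
    Message("m3", "alice@example.com", "m2", ["quote.pdf"]),
    Message("m4", "bob@partner-example.com", "m3", ["invoice.doc"]),
    Message("m5", "carol@example.com", "m4"),
]

if __name__ == "__main__":
    print(flag_suspicious_replies(SAMPLE_THREAD))  # expected: ['m4']
```

The check keys on the reply relationship (`in_reply_to`) rather than on the subject line, because a hijacked thread keeps its original subject; in production the same idea would be applied to the `In-Reply-To`/`References` headers of each inbound message.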

Now researchers at email and web security firm AppRiver have uncovered what they refer to as “an unparalleled spike” in this form of phishing attack — and a campaign is leveraging conversation hijacking to deliver the Gozi banking trojan, providing the attackers with access to the victim’s financial details and the ability to clean out their account.

