How can a conversation get hijacked?
Conversation hijacking is a version of phishing that doesn’t involve impersonating an entity, but an individual. Cyber criminals compromise one email account as a source. They then look through the account’s contacts and previous emails back and forth. From there, the criminals can insert themselves into the conversations that account has had in the original holder’s name, hijacking them.
Conversation hijackers leverage the trust people already have for the original account holder to attack them. The research involved in using this phishing strategy requires more time and research than many others, but often pays off.
Through conversation hijacking, criminals can gather information people would usually guard. They can also get people to open files carrying malware or to click links they would otherwise screen. Conversation hijacking is one way people can get into the realm of business email compromise (BEC).
What can I do?
- Keep your account from compromise.
- Use strong passwords that you change regularly. A password manager can help you keep track of it all.
- Enable multifactor authentication wherever possible.
- Monitor networks for suspicious activity.
- Keep from taking the bait in a hijacked conversation.
- Be aware of email tone and content. If it does not sound like something your contact would send, confirm with them another way that they sent the message. Confirming the message is real through email is risky because the attacker may have access to old emails to gain insight into your relationship—or they may guess at a question you send their way.
- Try to avoid clicking on links from emails. If possible, navigate directly to the website from your browser.
- Only download expected files from an email.
Can Frontline Help?
Individuals can take many of these steps on their own. Organizations may want to look into paid licenses, password/MFA management, and network monitoring. These are all available to Frontline Technology managed services clients, so contact us to start a conversation.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.
Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.
For nonprofits of every type and size: We Keep IT Simple
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.