Conversation hijacking phishing attacks, which involve threat actors infiltrating ongoing email threads to avert suspicion, have increased by nearly 270% last year, according to ZDNet
Barracuda Networks reported that while conversation hijacking only comprised 0.3% of social engineering attacks, such attacks' elevated success rate is enticing more threat actors.
"Although there is a lot of upfront work, when conversation hijacking is done "right," it can have a huge payout for cybercriminals. The number is growing because it's very difficult to detect, success rates can be high and payouts are big," said Barracuda Networks Vice President of Product Management Mike Flouton, who added that conversation hijacking attacks are only poised to increase in the future.
The findings should prompt organizations to adopt account takeover protection on their inboxes, as well as implement phishing
awareness training programs for their employees.
"Make sure you are prepared for a cyberattack – have a well thought out response plan in place that will help you recover quickly," Flouton added.