Security News > 2020 > January > New phishing attack hijacks email conversations: How companies can protect employees
There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks.
Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.
An analysis of around 500,000 monthly email attacks showed a gain of 400% in domain-impersonation attacks used for conversation hijacking.
Although the level of conversation hijacking in domain-impersonation attacks is low compared with other types of phishing attacks, they're personalized.
Use phishing simulation to train employees to identify cyberattacks, to test the effectiveness of your training, and to evaluate the people most vulnerable to attacks.
News URL
Related news
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Phishing emails delivering infostealers surge 84% (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- CoGUI phishing platform sent 580 million emails to steal credentials (source)
- Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails (source)