Security News > 2020 > January > New phishing attack hijacks email conversations: How companies can protect employees
There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks.
Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.
An analysis of around 500,000 monthly email attacks showed a gain of 400% in domain-impersonation attacks used for conversation hijacking.
Although the level of conversation hijacking in domain-impersonation attacks is low compared with other types of phishing attacks, they're personalized.
Use phishing simulation to train employees to identify cyberattacks, to test the effectiveness of your training, and to evaluate the people most vulnerable to attacks.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Phishing Emails Targeting Australian Firms Rise by 30% in 2024 (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- New Syncjacking attack hijacks devices using Chrome extensions (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)