Security News > 2020 > January > New phishing attack hijacks email conversations: How companies can protect employees
There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks.
Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.
An analysis of around 500,000 monthly email attacks showed a gain of 400% in domain-impersonation attacks used for conversation hijacking.
Although the level of conversation hijacking in domain-impersonation attacks is low compared with other types of phishing attacks, they're personalized.
Use phishing simulation to train employees to identify cyberattacks, to test the effectiveness of your training, and to evaluate the people most vulnerable to attacks.
News URL
Related news
- Email attacks skyrocket 293% (source)
- Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net (source)
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Security measures fail to keep up with rising email attacks (source)