Security News > 2020 > January > New phishing attack hijacks email conversations: How companies can protect employees
There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks.
Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.
An analysis of around 500,000 monthly email attacks showed a gain of 400% in domain-impersonation attacks used for conversation hijacking.
Although the level of conversation hijacking in domain-impersonation attacks is low compared with other types of phishing attacks, they're personalized.
Use phishing simulation to train employees to identify cyberattacks, to test the effectiveness of your training, and to evaluate the people most vulnerable to attacks.
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- European companies hit with effective DocuSign-themed phishing emails (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)