With Conversation Hijacking, cyber criminals are tricking employees into transferring money or sharing payment information.
There has been a sharp increase in domain-impersonation attacks used to facilitate conversation hijacking, according to Barracuda Networks. Researchers at the email and data protection company analyzed around 500,000 monthly email attacks that showed a rise of 400% in domain-impersonation attacks used for conversation hijacking. Cyber attackers leverage the information they derive from the victim’s account to create messages to trick employees into wiring money or sharing payment information.
In July 2019, these attacks were at 500 and surged to over 2,000 in November. Conversation hijacking in domain-impersonation attacks is not only more effective but also hard to detect, and expensive. Companies are using multi-factor authentication to combat conversation hijacking attacks. The majority of conversation hijacking attacks result in the attacker taking control of the account and compromising it. It is essential to stop scammers from using a company’s network to launch such attacks. Make sure to use multi-factor authentication for an extra layer of security in addition to a username and password. Invest in technologies that recognize when accounts have been compromised and can fix the issue in real time. Finally, it is smart to implement technologies that can thoroughly remove malicious emails sent from compromised accounts.
Enterprises are using technology to identify suspicious logins from unusual locations and IP addresses. It is also crucial to monitor email accounts for malicious activities, as these are used for account takeovers. Watching for typo-squatting is a popular technique among organizations: it helps them look out for new domain registrations that could potentially be used for impersonation. Companies can even consider buying alternative domain names that are closely related to the existing one to avoid fraudulent use by cyber attackers.
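The registration monitoring described above can be sketched as follows. This is an added example, not code from Barracuda or the original article: it checks a feed of newly registered domains against a protected domain for TLD swaps, lookalike characters and single-character edits. The function names, the homoglyph map and all domain names are assumptions made for illustration.

```python
# Added example; every domain name below is constructed sample data.
# Assumption: inputs are registrable domains of the form label.tld.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}  # assumed, non-exhaustive

def normalize(label):
    """Fold common lookalike characters to the character they imitate."""
    for fake, real in HOMOGLYPHS.items():
        label = label.replace(fake, real)
    return label

def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, adjacent transpose."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(candidate, protected, max_distance=1):
    """Return why candidate resembles protected, or None if it does not."""
    c_label, _, c_tld = candidate.lower().partition(".")
    p_label, _, p_tld = protected.lower().partition(".")
    if c_label == p_label:
        return None if c_tld == p_tld else "tld-swap"
    if normalize(c_label) == normalize(p_label):
        return "homoglyph"
    dist = edit_distance(c_label, p_label)
    return f"edit-distance-{dist}" if dist <= max_distance else None

def flag_lookalikes(new_domains, protected):
    """Map each suspicious newly registered domain to the reason it was flagged."""
    reasons = {d: classify(d, protected) for d in new_domains}
    return {d: r for d, r in reasons.items() if r}

PROTECTED = "examplebank.com"      # constructed
NEW_REGISTRATIONS = [              # constructed feed of new registrations
    "examplebank.com", "examplebank.net", "examp1ebank.com", "exarnplebank.com",
    "exampelbank.com", "examplebanks.com", "weatherreport.org",
]
if __name__ == "__main__":
    for domain, reason in flag_lookalikes(NEW_REGISTRATIONS, PROTECTED).items():
        print(f"{domain}: {reason}")
```

Flagged domains are candidates for review or defensive registration; raising `max_distance` catches more variants at the cost of more false positives on short names.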
Today, cyber criminals are adopting new email tactics to evade gateways and spam filters. Therefore, organizations must implement AI solutions to detect and combat cyber-attacks such as domain impersonation. Some companies are using AI-based technology that does not depend solely on finding malicious links or attachments. They can also use ML to analyze standard communication patterns within the organization to detect suspicious activity that may indicate an attack.
Organizations are also creating guidelines and setting up procedures to confirm all email requests for wire transfers and payment changes. Another way to protect the company from conversation hijacking is to set up an approval system that involves multiple people for all financial transactions.
Enterprises need to take the necessary measures to educate and train their employees about email attacks by using phishing simulation. Employees should be able to identify conversation hijacking and domain impersonation attacks and report them as early as possible.