Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks.
80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic. Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams. Many employees are now working from home. They don’t have the same network protections they had when working at the office.
One of the newest tactics is particularly hard to detect. It is the reply-chain phishing attack.
You don’t expect a phishing email tucked inside an ongoing email conversation between colleagues. Most people are expecting phishing to come in as a new message, not a message included in an existing reply chain.
The reply-chain phishing attack is particularly insidious because it does exactly that. It inserts a convincing phishing email in the ongoing thread of an email reply chain.
How does a hacker gain access to the reply chain conversation? By hacking the email account of one of those people copied on the email chain. The hacker can email from an email address that the other recipients recognise and trust. The attacker also gains the benefit of reading down through the chain of replies. This enables them to craft a response that looks like it fits.
They may see that everyone has been weighing in on a new product idea for a product called Superbug. So, they send a reply that says, “I’ve drafted up some thoughts on the new Superbug product, here’s a link to see them.”
The reply won’t seem like a phishing email at all. It will be convincing because:
Here are some ways that you can lessen the risk of reply-chain phishing in your organisation:
Microminder is the leading strategic IT business partner in the dental sector – we have been proudly supporting the dental community for over three decades.
We pride ourselves on building lasting relationships with our clients where they trust us with their IT strategy, implementation and ongoing support, allowing them to focus on patient care.
Our solutions, IT Support, Managed Services & VoIP Telephony are cost effective and inspired by the latest technology, underpinned by market-leading technology partners such as Microsoft, Datto and Software of Excellence.
Microminder’s experts are passionate about technology and are always on hand to support and guide you, so please get in touch today:
Call us on 0208 799 6883 or follow us on social media.Back to News