What is Conversation Hijacking? The Latest Threat to Your Cyber Security

If you have ever had a stranger answer a question you did not ask them or butt into a chat with your best friend, you may think you have experienced conversation hacking. And while having a total stranger weigh in on the events of the day is certainly uncomfortable, it does not pose a risk to your financial security.

True conversation hijacking is different, and it is an emerging threat in the world of cyber security. If you rely on email to do your job or conduct your business, you need to understand what conversation hijacking is, how it works, why it is so insidious and most of all how to recognize the signs and stop it in its tracks.

Conversation hijacking is just what it sounds like, and it starts when a criminal gains access to a legitimate email address. Sometimes the intrusion happens directly, with someone hacking into the targeted corporate network and guessing passwords. Other times conversation hijacking is the end result of a prior phishing attack, one that convinced a targeted individual to give up their login information.

In other cases, the email addresses and passwords have been purchased on the dark web, a strange and nefarious marketplace where all manner of goods, including personal information, is for sale. But no matter how the conversation hijacking originated, what happens next is as frightening as it is ingenious.

Once the criminal is safely inside the network and logged on with their compromised or stolen email credentials, they take a look around, seeking out conversation threads they can use to their advantage. It is easy to see how dangerous this type of intrusion can be.

These conversation threads could be almost anything, from discussions about an ongoing project to talks surrounding an upcoming merger. The perpetrators of conversation hijacking are typically looking for high-profile targets; think CEOs, CIOs, board members and the like.

Since the targets of conversation hijacking are so high-profile, the damage done can be truly enormous. Just think about what would happen if a conversation hijacker, posing as a legitimate member of the team, convinced the CEO to provide banking details, or if a board member agreed to share proprietary information on a proposed merger or acquisition.

It is easy to see why this emerging type of cybercrime can be so successful. Instead of coming from the outside, the criminal is actually hiding in plain sight, inserting themselves into ongoing conversations that appear totally legitimate. This creates a level of trust that would be impossible to achieve with a traditional phishing or spearphishing attack.

by Anthony Nieves, CTO

So what can you do to protect yourself and your company from the emerging dangers of conversation hijacking? Since the attack begins with a compromised email address, protecting email credentials is the obvious place to start.

One of the best defenses against conversation hijacking is also one of the simplest. If you are not already doing so, instituting a policy that requires email passwords to be changed once a month or so is a great place to start. And if you already have a policy in place, increasing the frequency of changes and implementing stricter rules can provide additional protections against this small but growing threat.

It is a good idea to require unique passwords with every change request since many users simply tack on a new number to the password they are currently using. This may be a convenient strategy, but it also makes conversation hijacking much easier.
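The habit described above, tacking a new number onto the current password, can be caught at change time, when the user has just typed both the current and the new password. The following is an added example, not code from the original article; the function names and the threshold of four edits are assumptions chosen for illustration.

```python
import re

# Leading/trailing digits and symbols: the part users usually "rotate".
_AFFIX = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def core(password: str) -> str:
    """Lower-case the password and drop leading/trailing digits and symbols."""
    return _AFFIX.sub("", password.lower())


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def rejection_reason(old: str, new: str, min_distance: int = 4):
    """Return why `new` is too close to `old`, or None if it is acceptable.

    Assumes both values are available only in memory during the change
    request (the user supplies the current password); nothing is stored.
    """
    if old.lower() == new.lower():
        return "same password (ignoring case)"
    old_core = core(old)
    if old_core and old_core == core(new):
        return "only leading/trailing digits or symbols changed"
    if len(old_core) >= 4 and old_core in new.lower():
        return "base of old password embedded in new one"
    if edit_distance(old, new) < min_distance:
        return "fewer than %d character edits from old password" % min_distance
    return None


if __name__ == "__main__":
    # Constructed sample pairs (old, new) for illustration only.
    for old, new in [("Summer2023!", "Summer2024!"),
                     ("Harbor7", "MyHarbor7x"),
                     ("Summer2023!", "violet-kettle-orbit-91")]:
        print(old, "->", new, ":", rejection_reason(old, new) or "accepted")
```
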

By increasing the complexity of the passwords in your email network, you can sharply reduce the risk of conversation hijacking, essentially cutting off one line of attack. Since many perpetrators buy exposed credentials on the dark web, requiring frequent password changes and enforcing strict rules can be very protective.

You can also reduce the risk with ongoing phishing and spearphishing awareness training. Employees cannot protect themselves against threats they do not see, and keeping these attacks front of mind will keep everyone on their toes and help catch suspected attacks before they can do any damage. It helps to build real-world examples and ongoing testing into the program; this hands-on experience can be extremely valuable to all involved.

Keeping a close eye on ongoing conversations and being suspicious of sudden requests for private and proprietary information is another thing businesses can do to protect themselves and their networks. Even when the conversation is taking place internally, unusual requests should always set off some alarm bells.

For now, the danger posed by conversation hacking is still pretty small. Compared to traditional phishing and spearphishing attacks, this type of attack takes a lot of work, and in most cases, the payoff will not be worth the investment.

Even so, the danger is growing, and as the attacks become easier and more effective, this emerging threat could enter the mainstream. Knowing how conversation hijacking works is the best line of defense, so you can protect yourself, your company and your network.
