Javascript must be enabled to view this page.

A phishing attack is an attempt by a malicious person to obtain sensitive information such as login credentials or credit card details by masquerading as a trusted entity. Phishing attacks are typically carried out via email or instant messaging and often involve the use of fake websites that mimic the look and feel of legitimate websites.

In recent years, phishing attacks have become increasingly common and sophisticated, posing a serious threat to businesses of all sizes. These attacks can have a significant impact on businesses, causing monetary loss, reputational damage, and disruption to operations. In some cases, phishing attacks can even lead to legal action.

What is Reply-Chain Phishing Attack?

A reply-chain phishing attack uses email replies to trick victims into revealing sensitive information. The attacker injects the phishing email inside an ongoing email conversation. It will look like a normal conversation in an email thread, but the email contains a link or attachment that is malicious. Either the link or attachment will lead the unsuspecting victim to a fake website that will request sensitive information.

How does a hacker gain access to the reply chain?

A hacker may have gained access to one of the email accounts of people copied in the email chain. The hacker can then email from an email address that people recognise and trust. The hacker will also read the entire email thread and craft a response that fits into the entire conversation.

As an example, there may be an email thread about a new product idea. The hacker may inject a response to indicate that they have some thoughts around the idea and insert a link for additional reading. This link will go to a malicious phishing site. This site might infect the visitor’s system with malware, steal login credentials, or attempt to obtain sensitive information.

Characteristics of reply chain phishing attack

Here are tips on how to identify a reply chain phishing attack:

  • It comes from an email address of someone you are familiar with, either a colleague, a friend, or a family member
  • The email will look genuine and participate in the conversation naturally.
  • The email will reference people by their actual names as they have access to the entire thread
  • It will contain links to websites or attachments that look like part of the conversation

Business Email Compromise (BEC)

According to Trend Micro, Business Email Compromise is a type of scam targeting companies who conduct wire transfers and have suppliers abroad. Corporate email accounts of employees related to finance or involved with wire transfer payments are spoofed or compromised through keyloggers or phishing attacks to do fraudulent transfers, resulting in hundreds of thousands of dollars in losses.

The reply chain phishing attack is one of the ways that hackers use BEC for monetary gains. They are used to planting ransomware or to steal sensitive data to be sold on the Dark Web.

Tips To Counter Reply-Chain Phishing

Here are recommended tips to lessen the risk of reply chain phishing in your organisation:

  • Use a Business Password Manager: This helps employees use best practices in setting up and storing passwords.
  • Use Multi-Factor Controls on Email Accounts: This presents a system challenge in the form of a question or an authentication code to log in. Using this method prevents unauthorised login from strange IP addresses.
  • Educating Employees: Awareness is a big part of identifying phishing scams. Run regular training to remind employees of the importance of being aware of potential scamming threats.

Proactive Threat Protection Is Crucial

As the world becomes more digitised, businesses are increasingly at risk of cyberattacks. These attacks can come in the form of malware, viruses, phishing scams, and more. Proactive threat protection is crucial to businesses because it can help them avoid these attacks before they happen. By taking steps to protect their data and their networks, businesses can reduce the chances of being attacked and the damage that it can cause. Get started today, give us a call on 1300 440 444.

Share:

Related tags: