The latest phishing technique that has been making the rounds is EMAIL REPLY-CHAIN PHISHING ATTACKS.

Business Email Compromise (BEC) is the number one cause of financial loss due to internet crime in organizations. Keyword; Email Compromise

It's prosaic that typical phishing and spear phishing attacks attempt to spoof (trick) the sender with a forged email address. A more sophisticated attack now hijacks legitimate email correspondence chains to insert a phishing email into an existing email conversation.

Think of it in this manner, there's an ongoing email conversation between you and two of your colleagues. Highly confidential information and data are being shared and one of you has been compromised without the knowledge of the other two. Bad news init?

How Do Email Reply Chain Attacks work?

First, they log in to your account since a reply chain doesn’t work without access to a compromised email account. Then they look for an incredibly convincing thread, preferably one you’ve sent attachments to. So, when they send an attachment with malware- posing as you, no one is wiser.

Another trick that makes reply-chain attacks hard to spot is that they direct any email trying to notify the original account owner that they may have been hacked into the trash, so the original owner of the account remains ignorant of what’s happened or what is happening.

Hackers can gain access to one or more email accounts and then begin monitoring conversation threads for opportunities to send malware or poisoned links to one or more of the participants in an ongoing chain of correspondence. Be vigilant!

How to protect against Reply-Chain phishing

1) Use Multi-Factor Authentication: Multi-factor authentication is one of the strongest protections against compromised accounts.

2) Make Employees Aware of Reply-Chain Phishing: Awareness is key to identifying when a reply may not sound a little “off” so employee training is just as important. If they know to be on guard, they can more easily detect a phishing reply. Knowledge is power.

3) Use Internal Messaging Apps More: Many companies are switching to applications like Microsoft Teams for much of their internal communications. They do this because it’s often easier to track and can also be more secure. By using a messaging
app for the bulk of internal communications, you avoid email reply-chains that hackers can hijack.

4) Always Keep Your Systems Updated: The most common way attackers can gain access to your account is by utilizing existing vulnerabilities in your system. Keeping all your devices up to date can help lower the chances of you falling prey to a
phishing attack.

5) Treat Email Attachments with Caution: If a scammer uses the email address of a known employee, such emails won’t be flagged as malicious and may end up in your inbox disguised as a legitimate message. Therefore, no matter how trusted the
source is, never open any attached items without first scanning them for
viruses.