Thread hijacking attacks, a sophisticated form of social engineering, occur when an individual’s email account is compromised and the attacker sends malicious emails from that account within an ongoing email thread. This method leverages the recipient’s trust in the sender, along with the recipient’s curiosity, to trick them into clicking on malicious links or attachments.
In a recent incident discussed by KrebsOnSecurity, Brett Sholtis, a writer for LancasterOnline.com, found himself targeted in such an attack. He received suspicious emails purportedly from Adam Kidan, a businessman with a questionable past, in the middle of an ongoing email thread. These emails, with subject lines like “Re: Successfully sent data” and “Acknowledge New Work Order,” contained a malicious attachment.
Upon clicking the attachment, Sholtis was redirected to a fake Microsoft Office 365 login page designed to capture his credentials.
Fortunately, Sholtis promptly forwarded the emails to his organization’s IT team, who recognized them as phishing attempts.
Thread hijacking attacks pose a significant challenge for detection due to their deceptive nature. Since they originate from a familiar contact and exploit curiosity rather than urgency, they can easily deceive recipients. It’s crucial for individuals and organizations to remain vigilant and report suspicious emails promptly to prevent falling victim to such attacks.