Users are frequently aware of plain phishing schemes and do not open any fraudulent links or attachments, especially when they appear out of nowhere and with no context. However, conversation hijacking is an advanced type of phishing attack where fraudsters use already existing conversations to spread malware or extract money from the victims.
These attacks tend to be much more effective because the message comes as part of an ongoing email chain, so it doesn’t look as suspicious as an unexpected email coming out of nowhere and asking for you to pay an invoice or download an attachment to view supposedly important documents.
Even though conversation hijacking attacks are much less common than usual phishing attacks, they still happen thousands of times every month.
Analysis by Atlas VPN reveals that conversation hijacking attacks more than doubled in 2021 surging from 5 106 in Q1 2021 to 12,606 in Q4 2021, representing a growth of 147% for the period. The data for the analysis on conversation hijacking attacks was provided by Baraccuda, a worldwide leader in online security.
Interestingly, the most dramatic increase happened from Q1 2021 to Q2 2021, where the volume of attacks surged by 101% in a quarter.
The volume of attacks continued to rise throughout the year but at a much slower pace.
Looking at the volume of attacks from another angle, businesses globally encountered an average of 137 conversation hijacking attacks per day in Q4 2021.