A New Phishing Tactic: Reply-Chain Attacks

The reason phishing attacks seem to be mentioned time and time again is because they are still the number one tactic cybercriminals use for cyberattacks.  They are becoming more difficult to detect since cybercriminals continue to evolve their tactics.  The newest tactic they are using is called reply-chain phishing.


What is Reply-Chain Phishing? A reply-chain email occurs when one person sends an email to multiple recipients, and each recipient responds to the same email which creates an email chain.  Reply-chain phishing is when a phishing email is tucked inside an ongoing email chain.  This is unusual because phishing emails are typically sent as a new email message.


How does a hacker gain access to a reply-chain email? A hacker can easily gain access to a reply-chain by hacking into one of the email accounts of a person involved in the email chain.


Why are reply-chain phishing attacks hard to detect?
–  It comes from a familiar email address that has already been participating in the email conversation.
–  It may reference items that are already mentioned in the discussion.
–  It may use personalization, such as names that the hacker has seen in the reply chain.

How do you lessen the risk of Reply-Chain Phishing?
–  Use a password manager so employees won’t use the same password across multiple platforms.
–  Have multi-factor authentication controls in place for extra security.
–  Make sure employees are aware of the signs of phishing emails.
–  Contact CATS Technology Solutions Group for more ways to keep your systems secure!

About CATS Technology

CATS Technology is a complete technology solutions provider, dedicated to providing solutions that will streamline operations, enhance productivity and drive innovation for businesses of all sizes. Our professionally trained and certified IT experts empower our clients to leverage the full potential of their IT investments to stay ahead of today’s rapidly evolving digital landscape. 

Our Services

Related Posts

The Betrayal of the ‘Grandparent Scam’

When a loved one calls you in distress, fear for their safety overrides any thoughts of suspicion. In that moment, protecting your loved one becomes your sole focus, often leading to immediate and impulsive action. You may not take the time to stop and think, hmm this doesn’t sound like their voice. Unfortunately, it’s precisely this vulnerability that scammers exploit in a scam. They prey on the natural instinct to safeguard family, manipulating emotions to extract money or personal information. And their main target? Grandparents.

Read More

SMS Security 101: 2024’s Most Popular Text Scams

Ever get an urgent text compelling you to click a link or send information? These are classic examples of text scams, also known as “smishing scams.” The word smishing, derived from “SMS, or Short Message Service” has become increasingly prevalent in the recent years and involves scammers using text messages to deceive individuals into compromising their security. 

Read More

Game Over or Game on? 7 Times Video Game Companies Were Targeted by Cyber Criminals

Video games are an escape from real life. A countless number of people play to be immersed in a world filled with adventure and excitement. While it is fiction and you remain safe from the dragons or zombies you battle, dangers of the digital realm can be real. Video game companies are in a constant battle against their own threats. Cyber Criminals find their way into every industry, and the video game realm is not the exception.

Read More