Researchers from cyber security firm AppRiver recently warned that they have observed a spike in conversation-hijacking attacks where hackers use highly personalized phishing emails to trick recipients that they are conversing with a trusted party.
The hackers are said to be using the technique to spread the Gozi banking trojan which collects the victim’s financial details . The attackers start by sending phishing emails en masse to obtain the victim’s email login and password. They then use these trusted accounts to reply to ongoing conversations where they attach the malware.
AppRiver said that in January alone, they have observed more than 34,000 such phishing incidents, with random spikes of activity here and there.