
Conversation hijacking

Conversation hijacking definition

Conversation hijacking is a type of email attack in which the attacker compromises specific email accounts in order to spy on the conversations held in them. In a conversation-hijacking attack, the attacker can also start new conversations by posing as one of the participants.

For example, suppose two businesses, a supplier and a buyer, are exchanging emails. In a conversation-hijacking attack, someone can intrude on the conversation and read what they are saying. The same person can also pose as the buyer or the supplier and ruin the deal or do other similar damage.

To conduct conversation hijacking, attackers need access to a mailbox or a message archive. They can get it by hacking the mailbox or infecting it with malware. There is another way, however: message archives of specific email accounts are sometimes sold on the dark web, so attackers can simply buy them and conduct their conversation hijacking from there.

See also: account hijacking, end-to-end encryption

Protection from conversation hijacking

  • Encrypting all devices where a certain email account is used with end-to-end encryption so that they’re harder to hack.
  • Creating difficult email passwords and changing them often (every 3-6 months).
  • Reducing the number of external (third-party) services and tools registered to an email address.
  • Constantly checking email settings for any unwanted rules.
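
The last item above, checking for unwanted rules, can be scripted. The following is an added example, not part of the original page: it reviews a mailbox's exported rules and reports those that forward mail to outside addresses or delete it. The rule field names follow Microsoft Graph's messageRule resource, which is an assumption about the mail provider; the sample rules, domains and function names are constructed for illustration.

```python
import json

# Constructed sample: rules exported for one mailbox, using the field names of
# Microsoft Graph's messageRule resource (an assumption; adapt to your provider).
SAMPLE_RULES = json.loads("""
[
  {"displayName": "Newsletters", "isEnabled": true,
   "actions": {"moveToFolder": "folder-id-newsletters"}},
  {"displayName": ".", "isEnabled": true,
   "actions": {"forwardTo": [{"emailAddress": {"address": "copy@mail.example.net"}}],
               "markAsRead": true}},
  {"displayName": "cleanup", "isEnabled": true,
   "actions": {"delete": true, "stopProcessingRules": true}}
]
""")

FORWARD_ACTIONS = ("forwardTo", "redirectTo", "forwardAsAttachmentTo")
HIDE_ACTIONS = ("delete", "permanentDelete")


def audit_rule(rule, own_domains):
    """Return the reasons a rule deserves manual review (empty list if none)."""
    reasons = []
    actions = rule.get("actions") or {}
    for key in FORWARD_ACTIONS:
        for recipient in actions.get(key) or []:
            address = (recipient.get("emailAddress") or {}).get("address", "")
            domain = address.rpartition("@")[2].lower()
            if domain not in own_domains:
                reasons.append(f"{key} to external address {address}")
    for key in HIDE_ACTIONS:
        if actions.get(key):
            reasons.append(f"{key} removes matching mail from the inbox")
    if reasons and actions.get("markAsRead"):
        reasons.append("marks matching mail as read")
    return reasons


def audit_mailbox(rules, own_domains):
    """Map rule name -> reasons, for every rule that has at least one."""
    own = {d.lower() for d in own_domains}
    return {r.get("displayName", "<unnamed>"): why
            for r in rules if (why := audit_rule(r, own))}


if __name__ == "__main__":
    for name, why in audit_mailbox(SAMPLE_RULES, ["corp.example"]).items():
        print(f"{name!r}: " + "; ".join(why))
```

Rules that only file mail into a folder are not reported; anything the script does report still needs a person to confirm whether the mailbox owner created it.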