Stop biting on Reply-Chain phishing emails

Oh, the infamous phishing! It seems everywhere you look there is a cybersecurity article about it. That's because it is still the most efficient way for cybercriminals to deliver their attacks.


3 out of 4 companies surveyed by Mimecast and 80% of IT security professionals surveyed by Microsoft say that phishing attempts increased significantly during and after the pandemic. Because it is such an easy delivery method, phishing not only continues to be effective, it also keeps growing in volume as the remote workforce grows.

Many people now work remotely or from home. That means your employees may not have the same network security protections they would have in the office, and cybercriminals are adapting fast. One of their newest tactics is particularly hard to spot: reply-chain phishing.

What is Reply-Chain Phishing?

You probably would not expect a phishing email to be blended into an ongoing conversation between colleagues. Most people expect malicious emails to arrive as new messages, not tucked into an existing reply chain. Hence the name, and hence the danger: a convincing, legitimate-looking message is inserted into a thread you are already part of, where you are far more likely to click a link or share sensitive information.

The attacker gets into the reply chain by compromising the email account of one of its participants. The malicious reply then genuinely comes from that account, someone you know and trust, so the usual signs of a spoofed sender are absent. The attacker also gets a bonus: everything already discussed in the thread, which lets them write a message that reads as a natural part of the conversation.

For example, everyone in your reply chain has been discussing a new XYZ project idea. The attacker can reply with a message that says: "I did some research on the competitor's ABC project, here is a link to the benefits of XYZ compared to ABC, let me know what you think."

Chances are, you and your colleagues will click that link, because it looks convincing:

  • It appears to come from a trusted contact who is already participating in that email thread.
  • It reads naturally because it references the topic under discussion.
  • It may look personalized, addressing you and the other thread members by name.
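The mechanism above suggests a simple triage check that a mail gateway rule, a SOAR playbook or an analyst can run on a suspect reply. The following is an added example written for this article, not code from the original post: it parses a raw message, keeps only the lines the sender wrote now (not the `>`-quoted history), and flags any link whose host is neither a participant's mail domain nor on an explicit allowlist. The message, the addresses, the domains and the URLs are all constructed for the example, and the `allowlist` parameter is an assumed input you would populate with the SaaS hosts your organisation actually uses.

```python
"""Triage heuristic for links that appear inside a reply chain.

Added example for this article, not code from the original post. Given a
raw RFC 5322 message that claims to be a reply, it pulls the links out of the
newly written (unquoted) part of the body and flags any whose host is not a
participant's mail domain or on an explicit allowlist. A link to a brand-new
domain dropped into a trusted thread is the pattern reply-chain phishing
depends on. The addresses, domains and URLs below are constructed.
"""
import email
import re
from email import policy
from urllib.parse import urlparse

URL_RE = re.compile(r"""https?://[^\s<>"')\]]+""")

# Constructed sample (assumed, not a real message): a reply injected into an
# ongoing "XYZ project" thread from a compromised colleague account.
SAMPLE_EML = """\
From: Dana Lee <dana.lee@example-corp.com>
To: Sam Park <sam.park@example-corp.com>, Ana Ruiz <ana.ruiz@example-corp.com>
Subject: Re: XYZ project idea
Message-ID: <c3@example-corp.com>
In-Reply-To: <b2@example-corp.com>
References: <a1@example-corp.com> <b2@example-corp.com>
Content-Type: text/plain; charset=utf-8

Hi Sam, Ana,

I did some research on the competitor's ABC project. Here is the comparison:
https://xyz-benefits-review.example-files.net/compare.docx

Let me know what you think.
Dana

> On Tue, Sam Park wrote:
> Here is the internal draft: https://wiki.example-corp.com/xyz/draft
> Thoughts?
"""


def plain_body(msg) -> str:
    """Return the decoded text/plain body (first text/plain part if multipart)."""
    part = msg.get_body(preferencelist=("plain",)) if msg.is_multipart() else msg
    return part.get_content() if part is not None else ""


def split_new_and_quoted(body: str):
    """Separate lines the sender wrote now from '>'-quoted thread history.

    The quoted history sits *inside* the suspect message and is fully under
    the sender's control, so it is never used as a source of trust here.
    """
    new, quoted = [], []
    for line in body.splitlines():
        (quoted if line.lstrip().startswith(">") else new).append(line)
    return "\n".join(new), "\n".join(quoted)


def participant_domains(msg) -> set:
    """Mail domains of everyone on the From/To/Cc headers."""
    domains = set()
    for name in ("From", "To", "Cc"):
        header = msg[name]
        if header is None:
            continue
        for addr in header.addresses:
            if addr.domain:
                domains.add(addr.domain.lower())
    return domains


def host_is_trusted(host: str, trusted: set) -> bool:
    """True if host equals or is a subdomain of any trusted domain."""
    return any(host == d or host.endswith("." + d) for d in trusted)


def suspicious_links(raw: str, allowlist=()) -> dict:
    """Flag links in the new text of a reply that point outside trusted domains.

    allowlist: extra hosts the organisation knows and uses (assumed input).
    """
    msg = email.message_from_string(raw, policy=policy.default)
    new_text, _quoted = split_new_and_quoted(plain_body(msg))
    trusted = participant_domains(msg) | {h.lower() for h in allowlist}
    flagged = []
    for url in URL_RE.findall(new_text):
        host = (urlparse(url).hostname or "").lower()
        if not host_is_trusted(host, trusted):
            flagged.append(url)
    return {
        "is_reply": bool(msg["In-Reply-To"] or msg["References"]),
        "trusted": sorted(trusted),
        "flagged": flagged,
    }


if __name__ == "__main__":
    result = suspicious_links(SAMPLE_EML)
    print("in an existing thread:", result["is_reply"])
    for url in result["flagged"]:
        print("REVIEW before clicking:", url)
```

Two caveats worth keeping in mind when using something like this. First, because the message really is sent from the compromised account, SPF, DKIM and DMARC all pass; sender authentication tells you nothing here, which is why the check looks at where the links go rather than who the mail is from. Second, this is a triage signal, not a control: a link to a new domain is not always malicious, and an attacker who uses a file-sharing host your company already allows will not be flagged, so the allowlist should be kept short and deliberate.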

Business emails are most vulnerable to phishing attacks

Business Email Compromise is far more common than you may think; it even has its own acronym (BEC). Unsecured and weak passwords are a common way in, and one compromised mailbox leads to further data breaches, including access to databases and documents that hold other users' login credentials.

3 Tips for fighting Reply-Chain Phishing
Here is how you can lessen the risk of reply-chain phishing in your organization:

  1. Use a business-grade password manager, so that mailbox passwords are long, unique and never reused across services.
  2. Enforce multi-factor authentication (MFA) on all business email accounts. The attack starts with a compromised mailbox, and MFA is the control that makes a stolen password alone insufficient.
  3. Increase phishing awareness and train your employees, including the point that a message inside an existing thread from a known colleague can still be malicious. An unexpected link or request deserves a quick out-of-band check (a call or a chat message) before anyone clicks.


How is your state of IT? Call Us: (855) 551-7760 with any questions.