Skip to main content

Conversation hijacking: Why that chat with your ‘boss’ could be fake

Conversation hijacking is a clever combination of phishing and social engineering, and it can be devastating for businesses. Many victims of conversation hijacking don’t know that they’ve been scammed until it's too late. 

What is conversation hijacking?

Conversation hijacking is a phishing technique where a scammer inserts themselves into a pre-existing email conversation, or uses information that they’ve gathered to impersonate an email contact that is known to the victim. The scammer usually pretends to be someone with authority; the director of a company, a previous client or customer, or even just a senior member of staff. 

How does the scam work?

Initially, a scammer gains access to an email account. This might be through a compromised network, a malware infected link or by hacking the account. A scammer doesn’t need to have access to the email for long; just long enough to run a program which makes a copy of all the information in the account. They then use this information to identify which senders and recipients they should impersonate, as well as gathering data about the business or organisation. 

Then, using their own computer program, they can send an email or insert themselves into an email thread as the manager, director or customer. They might establish rapport with the victim by sending a few emails back and forth, until eventually requesting a payment is sent to a specific account. They might also introduce a time constraint, telling the employee that the payment must be sent within a short time frame. The victim complies, and the scammer can repeat the process until the fraudulent payments are discovered.

The biggest security flaw in your organisation: people

Conversation hijacking makes the safe assumption that employees aren’t likely to challenge an important customer, or someone above them in the business hierarchy. A member of staff who receives an email request from their manager or a client is likely to follow given instructions quickly, and without asking too many questions. 

This is called social engineering; the trust that employees have is exploited by the scammer. Social engineering capitalises on predictable human responses; for example, allowing someone in a high vis vest access to a building, or checking an abandoned USB stick by inserting it into a computer. Scams like conversation hijacking prey on the good intentions, trust and respect of employees, which makes them incredibly effective.

Stop conversation hijacking by changing your workplace

With conversation hijacking, it isn’t enough to encourage staff to check the email address of the sender before approving payments; remember, the email address will match the boss’, client’s or customer’s. To combat this kind of scam, there needs to be a shift in workplace culture. 

Primarily, ensure that your business has a clear process when it comes to approving payments that is adhered to every time. You might decide that payments have to be approved by a certain person or multiple people, that each payment has to be recorded against a pre-existing ticket, or payments above a certain amount need to be authorised verbally by management. These guidelines can help prevent fraudulent payments.

Businesses should also normalise employees checking in with managers and supervisors. By creating a workplace where asking questions is commonplace, regardless of where you are in the company hierarchy, there is far less potential for fraudulent payments to be verified.

Creating a security-conscious business

Finally, training and educating your employees about conversation hijacking and other kinds of phishing scams is key. U-secure is cyber security training software, which consists of ten minute training courses and quizzes to educate staff about phishing scams just like conversion hijacking.

The short courses are emailed to your staff, and the results recorded for your organisation. This means that businesses have a clear snapshot of how security-conscious their employees are, and who needs help or further training.

As a U-secure partner, Transcendit offers a 30-minute demo of the program to help you decide whether it could be beneficial to your business.

Curious about U-secure? Give us a call on 0191 482 0444


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
As always the support team are efficient and effective. Darlington Golf Club

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner