Home Page Navigation Contents Contact Sitemap Search

Reply-Chain Phishing

Almost everyone is familiar with reply chains in emails. An email is sent to one or more people and various people reply to it. They do not expect a phishing email to be hidden in this ongoing email conversation. Most people expect a phishing email as a new message, not as part of an ongoing reply chain.

In a reply-chain phishing attack, criminals use previously stolen legitimate email addresses to send an email reply with a malicious link or QR code. This email address belongs to the parties involved in an email conversation. This allows the hacker to email from an email address that the other recipients know and trust. The criminals also have the advantage of being able to read the chain of replies. This enables them to compose a highly appropriate response, enhancing the credibility of the reply. As a result, the recipient believes the response is from a trusted sender and is more likely to click on the link or open the attachment that the criminals have inserted via the stolen email account.

The following measures can reduce the risk of a reply-chain phishing attack:

  • Use strong passwords and store them in a secure place, such as a password manager. This makes it more difficult for criminals to access your email account.
  • Use caution when following a link sent via email or text message or scanned via a QR code.
  • Never disclose your access credentials for your devices, email accounts, etc.

Further information on phishing can be found here.

What else would you like to learn about security when e-banking?

Register for a course now
and learn more:

Online basic course

Find out about current Internet threats and some easy protective measures, and how to securely use e-banking.

further information

Online course mobile banking/payments

Find out about mobile banking, mobile payments and how to securely use these apps.

further information

Online course on cryptocurrencies

Cryptocurrency beginner? Find out about the most popular cryptocurrencies and the Blockchain technology behind them.

further information

Online course for SMEs

Is your organisation sufficiently secure? Learn which measures you can take to significantly strengthen your organisation’s IT security.

further information