Welcome to #WeekendWisdom number 62. This week we’re going to talk about Email Thread Hijacking.
Let’s start with the basics. Phishing emails.
Most people are familiar with phishing emails that arrive in their mailbox from strange email addresses, with attachments or links. They have received decent cyber security awareness training, which means that they look at this and say “There is an unsolicited email with a link or with an attachment. I should delete this because it’s malicious.” and get on with their day.
How is Email Thread Hijacking different?
But what happens if one of those emails comes into your mailbox and it’s actually a reply from somebody you know, in an email thread that you’re involved in? It might just say something like “Here’s the information you’re looking for.”
That’s going to be pretty believable, and you’re probably going to click to open that document, or click on the link, which might open a document. You might get something that looks like this: it says this is an encrypted document, or a protected document, or that it uses a different version of Word, or an online version or an offline version.
But they always have the same instructions. Click “Enable editing” and click “Enable content”.
What happens if you fall victim?
So if you ever open a document and see this type of instruction, close the document immediately. Never ever, ever click on “Enable content”, because as soon as you do, the malware will run. It will go through your inbox and reply to emails there, trying to spread this malware to other people using the same technique.
So that’s Email Thread Hijacking. Never ever, ever click “Enable content”.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.
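For mail administrators, here is a gateway-style check for the pattern described above, added as an example that is not part of the original post: it flags messages that arrive as replies in a thread and carry an Office attachment containing macros. The function names, addresses and sample message are constructed for illustration.

```python
import email, io, zipfile
from email import policy
from email.message import EmailMessage

MACRO_EXTS = (".docm", ".xlsm", ".pptm", ".dotm", ".xlsb")  # macro-enabled OOXML types
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container signature

def has_vba(data: bytes) -> bool:
    """True if a zip-based Office file contains a VBA project part."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    except zipfile.BadZipFile:
        return False

def triage(raw: bytes) -> list[str]:
    """Return reasons to quarantine a message; an empty list means nothing flagged."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    is_reply = bool(msg["In-Reply-To"] or msg["References"])
    reasons = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        # Inspect content first: a macro document can be renamed to .docx
        if has_vba(data) or name.endswith(MACRO_EXTS):
            reasons.append(f"macro-enabled attachment: {name}")
        elif data.startswith(OLE_MAGIC):
            reasons.append(f"legacy Office container (may hold macros): {name}")
    if reasons and is_reply:
        reasons.append("arrived as a reply in an existing thread")
    return reasons

def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a thread reply carrying a small OOXML-like zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    m = EmailMessage()
    m["From"], m["To"] = "colleague@example.com", "you@example.com"
    m["Subject"] = "Re: Q3 figures"
    m["In-Reply-To"] = "<constructed-id@example.com>"
    m.set_content("Here's the information you're looking for.")
    m.add_attachment(buf.getvalue(), maintype="application",
                     subtype="octet-stream", filename="info.docx")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample(True)))
```

Because the check looks inside the attachment rather than trusting the file name, the sample is flagged even though it is named `info.docx`.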
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.