There's been a significant rise in cybercriminals using a particular phishing technique to trick workers into unwittingly installing malware, transferring money, or handing over their login credentials.

In conversation-hijacking attacks, hackers infiltrate real business email threads by exploiting previously compromised credentials –perhaps purchased on dark web forums, stolen or accessed via brute force attacks – before inserting themselves into the conversation in the guise of one of the group.

"Once they gain access to the account, attackers will spend time reading through conversations, researching their victims and looking for any deals or valuable conversations they can insert themselves," Olesia Klevchuk, senior product manager for email security at Barracuda Networks, said.

The idea is that by using a real identity and by mimicking the language that a person uses, the phishing attack will be viewed as coming from a trusted colleague and is thus much more likely to be successful.

Cybercriminals are leaning hard on this attack technique as a means of compromising businesses, according to new research from Barracuda Networks. Analysis of 500,000 emails showed that conversation hijacking rose by over 400% between July and November last year.

While conversation-hijacking attacks are still relatively rare, the personal nature means they're difficult to detect, are effective, and potentially very costly to organizations that fall victim to campaigns.

For cybercriminals conducting conversation-hijacking attacks, the effort involved is much greater than merely spamming out phishing emails in the hope that a target clicks, but a successful attack can potentially be highly rewarding.

In most cases, the attackers won't directly use the compromised account to send the malicious phishing message – because the user could notice that their outbox contains an email that they didn't send.

However, what conversation hijackers do instead is attempt to impersonate domains, using techniques like typo-squatting – when a URL is the same as the target company, save for one or two slightly altered changes.

But by using a real name and a real email thread, the attackers are hoping that the intended target won't notice the domain is slightly different and that they'll follow the request that's coming from their supposed contact, perhaps a colleague, customer, partner or vendor.

In some cases, it's been known for conversation hijackers to communicate with their intended victims for weeks to ensure that trust is built up.

At some point, the attacker will make their move and try to trick the victim into transferring money, sensitive information, or potentially installing malware.

"These attacks are highly personalized, including the content, and therefore a lot more effective. They have the potential of a huge payout, especially when organizations are preparing to make a large payment, purchase, or an acquisition," said Klevchuk.

"There is a great chance that someone will fall for a conversation-hijacking attack over a more traditional type of phishing," she added.

However, while conversation-hijacking attacks are more sophisticated than regular phishing attacks, they're not impossible to spot. Users should pay attention to the email address a message is coming from and be suspicious if the domain is slightly different compared to what they're used to seeing.

Users should also be wary of sudden demands for payments or transfers and, if there's doubt about the origin of the request, they should contact the person requesting it, either in person, by phone, or by starting a new email to their known address.
​
Organizations can also protect their employees from these attacks by implementing two-factor authentication, because by adding this extra layer, even if login credentials are stolen, attackers can't use them to conduct further attacks.

Mobile hotspots are a crucial tool for travelers needing to keep all their gear connected. But with the advent of 5G, Netgear’s new Nighthawk M5 5G Wi-Fi 6 Mobile Router could replace all of your home’s Wi-Fi equipment with a pocket-friendly hotspot that will provide fast Wi-Fi even when you take it on the road.

As 5G mobile networks continue their slow but steady rollout across the country, mobile internet seems like it is increasingly becoming a viable alternative for users tired of having their internet delivered through a prehistoric coaxial cable with questionable reliability. With 5G capable of delivering download speeds up to one or two gigabits/second, with a strong enough signal reaching a home, it could theoretically deliver more than enough throughput for everything from streaming 4K content to online gaming.

Netgear’s Nighthawk M5 Mobile Router includes features that are now standard on most hotspots, including a dedicated touchscreen display for accessing its settings, showing its connection status, and keeping an eye on how much data you’ve used, and your monthly limit. What other hotspots don’t have is the ability to connect to not only the next-generation 5G mobile networks, but also the next wave of Wi-Fi 6 devices which promise the fastest wireless performance and minimal bottlenecks, even with several smartphones, tablets, computers, and IoT devices all connected at the same time.

Netgear is also positioning the Nighthawk M5 as both an alternative to getting your home internet through wires, and as a reliable backup for when your cable internet or even fiber service goes on the fritz. The M5 includes a removable rechargeable battery so that when used at home, you can instead plug into an outlet. Because hotspots typically don’t have the same Wi-Fi range as larger routers or even mesh networking hardware, the mobile router also includes a gigabit ethernet port so you can connect it to a dedicated Wi-Fi router that will provide a stronger signal throughout your entire home.
​
The Nighthawk M5 won’t be available until sometime in the second half of 2020 at the earliest, with pricing being revealed at that time. And it will also be dependent on a mobile plan, and a carrier who’s operating a 5G network in your area. In other words, ditching cable internet is going to be an expensive proposition when this thing arrives, but the ultimate conveniences could easily outweigh the cost.

The new year is giving scammers an easy way to forge documents, but you can protect yourself with an easy New Year's resolution: Stop abbreviating the year.

Why? This year's abbreviation is easily changeable and could be used against you. The concern is that scammers could easily manipulate a document dated "1/1/20" into "1/1/2000" or even "1/1/2021."

Writing out the full date "could possibly protect you and prevent legal issues on paperwork," according to Hamilton County, Ohio, Auditor Dusty Rhodes.

Ira Rheingold, the executive director of the National Association of Consumer Advocates, says it's early in the year to cite examples, but scammers could use the method to establish an unpaid debt or to attempt to cash an old check.

"Say you agreed to make payments beginning on 1/15/20. The bad guy could theoretically establish that you began owing your obligation on 1/15/2019, and try to collect additional $$$," Rheingold wrote.

In the future, post-dating could be a problem too. For example, a check dated "1/1/20" could become "1/1/2021" next year, possibly making the uncashed check active again, Rheingold wrote. A similar method could be used for debts that are past the statute of limits.

The solution is easy: There's no harm in writing the full date. Writing the month out can also help. 
​
Write this: January 15, 2020. Not this: 1/15/20.

The majority of phones sold today are enabled for 4G connectivity, but if you’re looking to get yourself a new phone with your holiday money, you would be wise to bide your time and get yourself a 5G phone.
Here are five of the best reasons why:

1. 5G networks are better than ever, and keep improving. When launched earlier this year, 5G was limited to a few of the busiest areas of the biggest cities. But now, 5G is present in many more locations than before and will soon spread further.

2. 5G phones will be far more widespread this year. It’s not just the networks that will see significant expansion this year; we also expect to see a far greater number of the devices themselves becoming available. Qualcomm has unveiled its two latest top-of-the-line processors, the Snapdragon 865 and the Snapdragon 765, and both of them have 5G enabled.

The Samsung Galaxy A90 5G is just one of a whole new wave of 5G phones hitting the market. That means there’s no option for a 4G flagship running Qualcomm this year, which is undoubtedly essential news when one considers the ubiquity of the chipsets among Android-sporting brands such as OnePlus, Sony, Motorola, Asus, and more. You’ll have a far greater choice of a 5G phone if you wait for 2020, and depending on your commitment to your favored brand, you might not even have the option to stick to 4G this year.

3. iPhones will almost certainly adopt 5G, so no need to switch to Android. It was mildly surprising that the most prominent tech brand in the world didn’t offer the option of a 5G handset last year, but they will most likely be offering multiple 5G models this coming year. What’s more, a report has indicated that 80 million 5G modems are being readied for the September launch of the iPhone 12, so there’s strong evidence that we may see the whole range enabled for 5G.

4. 5G phones will become more affordable. Also, at the Qualcomm conference, Xiaomi announced that they would release a minimum of 10 new 5G phones throughout 2020, but more crucially, that these new devices would fall in the mid-range and possibly even budget segments of the market.

Most reviewers have been impressed with Xiaomi’s new devices, even though the 5G handsets are costly. So, if Xiaomi brings out models in the mid-range with better pricing and 5G capability, it should be welcome news for the whole market.

Moreover, most industry insiders doubt that Xiaomi will be the only brand to offer mid-range devices.

5. 5G’s excellent performance means it is the future of mobile tech. The most persuasive argument in favor of 5G comes not in the form of words, but numbers. Qualcomm’s latest X55 modem promises top download speeds of 7Gbps, and upload speeds hitting 3Gbps.

The early real-world experience says that performance improvements will be eye-opening. This massive performance improvement to your daily usage would be reason enough to adopt 5G, but it’s the implications for future tech that mean you’ll want to be a part of this new revolution.