There has been a big rise in email thread hijacking around the world, according to a new cybersecurity report from IBM Security.
The practice involves hackers using compromised email accounts to reply within ongoing conversations posing as the original participant.
According to IBM's latest X-Force Threat Intelligence Index, the level of attempted email thread hijacks doubled last year compared to 2021.
Cybercriminals use the compromised emails to deliver malicious software that often results in ransomware attacks.
IBM is advising businesses to make employees aware of thread hijacking to help reduce the risk of them falling victim.
The X-Force Threat Intelligence Index analyses the latest cyberattack trends and found that the average time to complete a ransomware attack last year dropped from two months down to less than four days.
The research found that the number of cybercriminals targeting credit card information in phishing attacks dropped by 52% in one year, indicating that attackers are prioritising personal information such as names, emails and home addresses, as these can be sold for a higher price on the dark web or used to conduct further operations.
According to IBM Security, the most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks.
Europe was the most targeted region for this method, representing 44% of extortion cases observed, as cyber criminals sought to exploit geopolitical tensions.
Manufacturing was the most extorted industry in 2022 for the second consecutive year.
Manufacturing organisations are an attractive target for extortion because of their extremely low tolerance for downtime.
"Attackers always find new ways to evade detection. Good defence is no longer enough," said Charles Henderson, Head of IBM Security X-Force.
"To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy," Mr Henderson added.
