Conversation Hijacking
A fraud technique where attackers infiltrate existing legitimate communications — online or by phone — to steer victims toward a fraudulent outcome.
Also known as: thread hijacking, email chain hijacking, reply-chain fraud
Last reviewed: 1 June 2026
While thread hijacking refers specifically to email, conversation hijacking is a broader term that encompasses any tactic where a fraudster inserts themselves into ongoing legitimate communications. This includes hijacking online chat sessions, intercepting messages on messaging platforms, and even joining conference calls under false pretences.
In the context of real estate and property transactions, conversation hijacking is particularly damaging: attackers monitor email chains between buyers, solicitors, and estate agents, then impersonate one party at a critical moment — typically when a large deposit or completion payment is due — to redirect funds to a fraudulent account. Victims receive what appears to be updated bank details from their trusted solicitor; in reality, the message came from an attacker who had access to the email thread.
The attack succeeds because all contextual cues — the name, the email history, the expected stage of the transaction — appear normal. Defence requires out-of-band verification: always confirm bank details in person or by a previously established phone number before any significant transfer, regardless of how convincing the email appears.
Examples
- A homebuyer receives an email that appears to continue their solicitor thread with new bank details for the completion payment; the email is from a fraudster who compromised the chain.