Access to email accounts is on sale at a price range of $100 to $1500, depending on the company and the role of the executive.
Recent reports revealed that a hacker is selling email credentials for Microsoft and Office 365 on a closed-access underground forum for Russian hackers named Exploit.in. on a darknet. These are not some ordinary email accounts but are the email accounts of high-level executives like CEO, COO, CFO, CMO, CTO, President, Vice president, Executive Assistant, and others.
The price for the email credentials ranges from $100 to $1500, depending on the company size and the role of the user. A source in the cybersecurity community said that they had contacted the seller to get the samples. They have confirmed the validity of the data and managed to obtain two samples of valid ID and password for two accounts from the hacker. The obtained accounts belong to the CEO of a US medium-size software company and the CFO of an EU-based retail store.
The seller claimed he has hundreds of credentials for sale but denied naming the source from where the credentials are obtained. However, according to a threat intelligence firm, the same hacker had bought “Azor log”. It refers to the data collected from computers using AzorUIT info-stealer trojan. It is a malware that collects various types of sensitive information from an infected computer and sometimes downloads additional malware.
Not the “First” Nor Will be the “Last”
This is not the first case which is reported in 2020, earlier this year a popular Italian email provider claimed that they suffered a hacker attack back in 2018. The data breach involved the theft of personal data of more than 600,000 Email.it users which were sold on the darknet.
The Email.it hacks came to light when the hackers, who go by the name of NN (No Name), went on Twitter to promote the website where these data were being sold. According to the hackers, they attacked their server and after they obtained sensitive information from it. They asked for a ransom from the company. But the company refused to pay and instead notified the Italian Postal Police (CNAIPIC).
Failing the extortion attempt, the hackers sold the accounts for a price that varies between 0.5 bitcoin and 3 bitcoin on the dark web.
The Importance of Securing Email Credentials
Once the email account is compromised, it can be used for just about anything on the internet. Either it can be a password of your email account or social media account, but passwords are the front door. It is the entrance to your personal data, money, and secrets. The more the high-ranking official email credentials the more the vulnerability.
Hackers can use these email accounts as part of a ‘CEO Fraud’. With the email accounts at their disposal, it makes it easy to manipulate any of the employees in sending out confidential tax information, executing unauthorized wire transfers, access sensitive information, or access to other internal systems of the company that requires email-based two-factor authentication.
Apart from all these losses a hacker can also steal your identity and damage the reputation of you and your company you are associated with.
Your Emails can be Secured with a Bit of Perseverance
We hear about cybersecurity attacks now and then, but the real question is, are you secure? Is your organization taking every measure to prevent the cybersecurity threats that are happening around you?
While your email account might not be included in the list for sale it is yet advisable to secure your personal and professional email accounts to avoid any kind of cybersecurity threats.
Preventive measures to secure your email accounts:
- Strong passwords- It is recommended to use strong passwords which are a combination of number, symbol, uppercase and lowercase letter so that criminal hackers won’t figure out your password easily.
- 2FA or MFA- In addition to having a strong password it is advisable to add another security layer that is to includes two-factor authentication or multi-factor authentication.
- Check for 2FA support- Not all email service providers provide 2FA. So, when you are signing up for an email account make sure the email service provider offers you extra protection with 2FA or MFA.
- Don’t fall for phishing attacks- Phishers often send malicious links through email or text that look legitimate, but once you click the link it will provide them all your credentials. So, make sure you don’t click any links that look suspicious especially when the sender is unknown.
- Train employees- Humans are considered as one of the weakest links in the cybersecurity chain but not if they are educated about the risk. It is a preventive measure for an organization to train its employees about the common cybersecurity attacks happening worldwide. Tools such as ThreatCop helps in achieving it.
- Monitor your emails- Last but not least is to monitor your outbound emails. Tools like KDMARC monitor your emails that are sent. It keeps you safe from spoofing, domain forgery, and brand impersonation.
