Express Computer
Home  »  Security  »  Hackers create specialised economy around hijacked email data

Hackers create specialised economy around hijacked email data

1 282

Hackers have created a specialised economy around email account takeover via methods like brand impersonation, social engineering and spear-phishing, retaining the data for long period of time to make more money by reselling it to another set of cybercriminals on the Dark Web, a new report revealed.

More than one-third of the hijacked accounts analysed by researchers at Barracuda, a leading provider of cloud-enabled security and data protection solutions, had attackers dwelling in the account for more than one week.

In 31 per cent of these compromises, one set of attackers focused on compromising accounts and then sold account access to another set of cybercriminals who focused on monetising the hijacked accounts.

Nearly 20 per cent of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees’ personal and organization accounts, according to the report.

“Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves,” said Don MacLennan, SVP Engineering, Email Protection at Barracuda.

Barracuda researchers teamed up with leading researchers at University of California-Berkeley to study the end-to-end lifecycle of a compromised account.

After examining 159 compromised accounts that span 111 organisations, they identified the ways account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.

Nearly 78 per cent of attackers did not access any applications outside of email.

“Staying informed about the attackers’ behaviour will help organisations remain vigilant and put the proper protection in place so they can defend themselves against these types of attacks and respond quickly if an account is compromised,” suggested MacLennan.

Get real time updates directly on you device, subscribe now.

1 Comment
  1. Bruno Marcoux says

    Thank you for this valuable and useful information. Keep it up! Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image