As you know, an email address is central to protecting personal data, and other user accounts are often linked to it. When a cybercriminal gains access to a user's e-mail, he is able to obtain almost all confidential data, not only from the mailbox but also from other accounts, because we often use e-mail to register and log in to other Internet platforms. It is critically important to use two-factor authentication; without it, the data is as easy as possible to obtain, so we advise you to set up this type of login for your account right now for greater protection. However, two-factor authentication can also be bypassed: an attacker just needs to intercept the access code.
"Targeted" attack is the cybersecurity term for this kind of email hacking. As part of serious state cybercrimes, such cases are investigated by special organizations like the NSA and the GRU, but there is also a black market for hacker services, where anyone can order a break-in to any mailbox for a fee. Services of this kind are very popular, for example, in Russia, in particular because the Russian Federation still has no clear legislation on cybercrime, and the attacker does not face criminal liability for ordinary mail hacking.
In December 2021, a team of information security specialists set up an experiment. They found 27 different services for hacking email; most of the sites offered their services in Russian, the rest in English. The cost of hacking a mailbox ranges from $23 to $500 per account. Mail on Russian services turned out to be the cheapest to hack. Western ones are more expensive, and hacking Facebook and Instagram accounts costs only slightly less than Yahoo and Gmail, which are $450-$550.
The essence of the experiment was to find out how efficiently and quickly hired hackers would be able to fulfill an order: to hack a user's mailbox. First, all the artificially created mailboxes were loaded with information (inbox, sent, spam) from a database of free e-mails. In addition, the team created websites advertising a business that belonged to the victims.
To ensure the purity of the experiment and the "story" of each victim, site domains were bought through an auction. The web page was then linked to the victim's email address, and the email address of the fictitious partner was specified. Thus, the bogus mail was “covered” from all sides and looked as natural as possible.
The experiment team assumed that the attackers would use social media to hack the mailboxes, so Facebook profiles were created for the victims. The accounts were made private and contained a minimum of information, with the exception of the advertising platform for the victim's business.
Google even assisted the experiment: with its help, the team was able to track the activity of each email account. The activity reports showed attempts to log in to the account and the IP addresses, as well as the activation of the code during two-factor authentication when logging in to the profile.
At the same time, special trackers were installed on the victims' websites, which helped to track authorization from specified sites, for example, Facebook. When an attacker logged in to the site using a Facebook account, the source of the login was reflected in the page's browsing history.
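The kind of check such activity reports make possible, as an added example that is not code from the experiment or from Google: it flags a two-factor code that was accepted from an IP address the account has never completed a login from, which is what a phished and replayed code looks like in the log. The log format, field names, account and addresses are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed activity log (not data from the experiment):
# timestamp, account, event, source IP, result.
SAMPLE_LOG = """\
2021-12-01T08:02:11 alice@example.com login 198.51.100.7 ok
2021-12-01T08:02:30 alice@example.com 2fa_code 198.51.100.7 ok
2021-12-03T09:15:02 alice@example.com login 198.51.100.7 ok
2021-12-20T14:40:10 alice@example.com login 203.0.113.55 fail
2021-12-20T14:47:52 alice@example.com login 203.0.113.55 ok
2021-12-20T14:48:05 alice@example.com 2fa_code 203.0.113.55 ok
2021-12-21T08:01:00 alice@example.com login 198.51.100.7 ok
"""


def parse(log_text):
    """Yield (time, account, event, ip, succeeded) for each non-empty line."""
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, account, event, ip, result = line.split()
        yield datetime.fromisoformat(ts), account, event, ip, result == "ok"


def find_suspicious_2fa(log_text, window=timedelta(minutes=15)):
    """Return alerts for 2FA codes accepted from an IP outside the account's baseline."""
    baseline = defaultdict(set)   # account -> IPs that have completed 2FA before
    failures = defaultdict(list)  # (account, ip) -> times of failed password attempts
    alerts = []
    for ts, account, event, ip, ok in parse(log_text):
        if event == "login" and not ok:
            failures[(account, ip)].append(ts)
        elif event == "2fa_code" and ok:
            if not baseline[account]:
                baseline[account].add(ip)  # first completed login seeds the baseline
            elif ip not in baseline[account]:
                # A flagged IP is not trusted automatically; an analyst decides.
                recent = [t for t in failures[(account, ip)] if ts - t <= window]
                alerts.append({"time": ts.isoformat(), "account": account,
                               "ip": ip, "failed_logins_before": len(recent)})
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_2fa(SAMPLE_LOG):
        print(alert)
```

A legitimate login from a new location raises the same alert, so the result is a queue for review rather than a verdict.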
The hired hackers were monitored for several weeks. It turned out that many of the "hackers" were ordinary people who took payment and disappeared, or fooled customers and ended up disappearing anyway. Another group of the hired burglars took payment only after the order was completed, but, having received the task, they were inactive for a very long time and did not get in touch.
As a result of the experiment, only 5 out of 27 hackers took up hacking orders with relative competence.
The information security team tracked the actions that cybercriminals can use to hack an account. Only 5 orders turned out to be successful, and even then the account takeover succeeded only because the victims cooperated.
In all cases, the hackers tried to lead the target to a phishing page that asked for the account password or the two-factor authentication code. The fake victims, playing along, entered all the data.
Contrary to the experimenters' expectations, no hired attacker attempted to access the Facebook accounts or the partner's email. On average, the scammers managed to hack a mailbox in 25 days, sending about 10 phishing messages to the victim.
The phishing lures were:
- emails supposedly from Google;
- emails from a public service;
- emails from a bank or tax office;
- emails from strangers meant to interest the victim;
- emails from a friend.
The most basic defense is to pay attention to incoming messages and not click on untrusted links. Professionals can hack mail without phishing, but such methods were not used in the research.
To protect your account from hacking, use a USB hardware security key with two-factor authentication, and of course, all of us just need to be careful.
During the working day, corporate employees send a lot of private information about the company. Naturally, this information should be protected as much as possible. For this, it is better to use a combination of protection methods and to work as a team: management and employees together.
Leaders must understand the importance of ensuring information security in their enterprise, and one of the most reliable ways to prevent the leakage of corporate information is to establish a reliable DLP system. How can a DLP system help? Let's take a look at the example of SecureTower from Falcongaze.
In the SecureTower system, complete control of corporate information is achieved by monitoring the maximum number of communication channels and data transfer protocols.
Communication channels controlled by SecureTower:
- visited sites;
- IP telephony;
- connected devices;
- network and local printers;
- FTP;
- messengers;
- clipboard;
- network storages;
- social networks;
- cloud storage.
After the intercepted data is analyzed, if a security rule has been violated, the system automatically sends a notification about the incident with all information about it. The company's security service then deals with the violation.
As you can see, with email hacking services on offer, the risk of losing confidential data is quite high. Therefore, in addition to two-factor authentication and attentiveness, it is better to take care of protecting data in the workplace by using DLP.