How scammers get access to email accounts and how to stop it

Research uncovers a specialised economy emerging around email account takeover.


New research from the University of California has found scammers are increasingly trying to take over email accounts and can spend up to a week in the account once they have access.

The research, conducted in conjunction with online security experts Barracuda, revealed that there is a specialised economy emerging around email account takeovers.

In email account takeovers, attackers use legitimate accounts they have recently compromised to send phishing emails to an array of recipients. These phishing emails come from legitimate accounts, so they are more effective at fooling email protection systems and unsuspecting users.

Over the past year, the researchers studied the end-to-end lifecycle of a compromised account. They examined 159 compromised accounts and investigated how the takeover took place, how long the attackers had access to the compromised account and how the attackers were able to use and extract information from these accounts.

The report found that more than one-third of the hijacked accounts had attackers using the account for more than one week.

In 31 per cent of the account takeovers, one set of attackers focused on compromising the accounts and then sold access to another set of cybercriminals, who focused on monetising the hijacked accounts.

“Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves,” said Don MacLennan from Barracuda.

Across the incidents studied, researchers found that the majority of phishing attacks relied on two deceptive narratives:

  • messages that falsely alert the user to a problem with their email account
  • messages that provide a link to a fake ‘shared’ document.

In both cases, the attacker provides a link for the victim to click on, which often leads to a phishing website designed to look like a legitimate login page but that ultimately steals the victim’s username and password.

One of the best methods for defending against email takeover is placing strong two-factor authentication on your email account, according to Barracuda.

Have you ever been the victim of a phishing attack? Have you had your email account taken over by a scammer?

    25th Aug 2020
    Received a phishing email today purportedly from US Mail regarding a parcel. Although I am awaiting a parcel I was immediately suspicious and googled the email address. I was right to be suspicious as advice was that this email address was a scam email. I always check google when I receive an email from an unknown address requesting I open a link. Always be on guard.
    25th Aug 2020
    A couple of days ago got a phone call from a 'Private' number with a recorded voice stating they were from Amazon and my account details had been compromised. Press 1 to be put onto a 'consultant'. Funny. I do not have an Amazon account and have never bought anything from Amazon. An obvious phishing scam.
    25th Aug 2020
    Receive phishing scams almost daily, received one today from someone supposedly from PayPal, the email said there was some suspicious activity on my account, they wanted me to log into my account via a link that they supplied to verify my details, obviously I didn’t log in, PayPal advise sending the email to their Scam email department, which I did. I never open or click on links from sources I don’t trust or know. Be aware of one particular scammer from a guy called Dylan Whitehouse or variations of that, he has been identified as someone out of a University in the US, you would think with all the tracking that’s available they would be able to identify these people, but it seems it’s easy for these scammers to hide their identity.
    25th Aug 2020
    I have someone talking in Chinese on my phone. I don't speak Chinese so what a waste of time for them. If I did speak I would never trust a Chinese considering what has happened in the last 8 months.
    Not very honourable mob and only want to save face. They should look in the mirror and see the real person that is not honourable.
    Delete the number after sending to scam watch
    30th Aug 2020
    I worked with Chinese people for nearly 20 years, and am still in touch with wonderful friends amongst them that I met in the early eighties.
    They are just like the rest of us: some incredibly generous, loyal people, some fair to middling like most of us, and some real bad ones, just like any population on earth.
