HomeTechnologyHow scammers take over email
Technology

How scammers take over email

Ben Hocking
By Ben Hocking
0

New research from the University of California has found scammers are increasingly trying to take over email accounts and can spend up to a week in the account once they have access.

The research, conducted in conjunction with online security experts Barracuda, revealed that there is a specialised economy emerging around email account takeovers.

In email account takeovers, attackers use legitimate accounts they have recently compromised to send phishing emails to an array of recipients. These phishing emails come from legitimate accounts, so they are more effective at fooling email protection systems and unsuspecting users.

Over the past year, the researchers studied the end-to-end lifecycle of a compromised account. They examined 159 compromised accounts and investigated how the takeover took place, how long the attackers had access to the compromised account and how the attackers were able to use and extract information from these accounts.

The report found that more than one-third of the hijacked accounts had attackers using the account for more than one week.

In 31 per cent of the account takeovers, one set of attackers were focused on compromising the accounts and then sold access to another set of cybercriminals who were focused on monetising the hijacked accounts.

“Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximise the ways they can exploit the account, whether that means selling the credentials or using the access themselves,” said Don MacLennan from Barracuda.

Across the incidents studied, researchers found that the majority of phishing attacks relied on two deceptive narratives:

  • messages that falsely alert the user of a problem with their email account
  • messages that provide a link to a fake ‘shared’ document.

 

In both cases, the attacker provides a link for the victim to click on, which often leads to a phishing website designed to look like a legitimate login page but that ultimately steals the victim’s username and password.

One of the best methods for defending against email takeover is placing strong two-factor authentication on your email account, according to Barracuda.

Have you ever been the victim of a phishing attack? Have you had your email account taken over by a scammer?

If you enjoy our content, don’t keep it to yourself. Share our free eNews with your friends and encourage them to sign up.

Related articles:
https://www.yourlifechoices.com.au/technology/safety-online/online-privacy-protection
https://www.yourlifechoices.com.au/technology/computers/wow-the-grandkids-on-your-video-call
https://www.yourlifechoices.com.au/health/covid19/social-media-key-to-covid-sentiment

Previous article
The economy for retirees
Next article
COVID heaps pressure on estate planning
Ben Hocking
Ben Hocking
Ben Hocking is a skilled writer and editor with interests and expertise in politics, government, Centrelink, finance, health, retirement income, superannuation, Wordle and sports.
FROM THE AUTHOR
- Our Partners -

DON'T MISS

Load more
- Advertisment -

MORE LIKE THIS

- Advertisment -

Help & Support

Privacy Policy

Terms of Service

Terms and Conditions

Editorial Policy

FAQs

ABOUT US

YourLifeChoices is Australia’s most established and trusted digital publication for the 50+ audience, with a core focus on helping Australians navigate midlife and the retirement landscape.

Since 2000, YourLifeChoices has been providing Australians with essential news, articles and retirement resources – and membership is FREE!

FOLLOW US

Log In

Forgot password?

Don't have an account? Register

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.