[lug] Fwd: ACM Queue goes undercover to investigate the email hijacking black market

Tue Nov 12 19:19:00 MST 2019

You might be already familiar with this, but if not. it's a very
interesting study.

---------- Forwarded message ---------
From: acmqueue <acm_mem6 at hq.acm.org>
Date: Tue, Nov 12, 2019 at 9:24 AM
Subject: ACM Queue goes undercover to investigate the email hijacking black
market

[image: click on "download images" to view header]

A single email address often underpins one's entire online identity, from
banks, to business, to social media profiles and more. An attacker gaining
access to an email account poses the risk of compromising all the other
services tied to that account as well. Politicians, journalists, and
cryptocurrency folks have all been the victims of targeted attacks in which
hackers have been able to access a plethora of sensitive information by
first gaining access to the victims' email account credentials.

Seeking to exploit these vulnerabilities for profit, a black market for
"hack-for-hire" services that purport to break into the accounts of a
variety of different email providers has emerged. The article "Hack for
Hire: Investigating the emerging black market of retail email account
hacking services
<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31ec9bx015297&>"
by Ariana Mirian in the latest issue of ACM Queue describes the author’s
undercover effort to understand and expose these nefarious actors. To do
this, Mirian and her research team identified 27 retail email account
hacking providers and solicited their services. In truth, however, the
"victim" accounts the hackers thought they were penetrating were actually
Google accounts that Mirian and her team created for the purposes of the
experiment.

"Regardless of the behavior of the market, this study sheds light on the
importance of security keys for populations who believe they are at risk,
as only a security key can protect a user from the attacks viewed in this
study," Mirian writes.

The bimonthly issues of ACM Queue are free to ACM Professional members.
(One-year subscription is $19.99 for non-ACM members.) Visit ACM Queue
<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x319f71x015297&>
for more information.

<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31aa64x015297&>

<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31d001x015297&>

<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31c2b8x015297&>

ACM | 1601 Broadway, 10th Floor | New York, NY | 10019

* ACMQueue
<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31c2c3x015297&>
*    *Contact Us*
<https://orange.hosting.lsoft.com/trk/click?ref=znwrbbrs9_6-22706x31d002x015297&>
[image: Find us on Facebook]
<https://www.facebook.com/ACM-Queue-117006418374344/>   [image: Visit us on
Twitter] <https://twitter.com/ACMQueue>   [image: ACMQueue subreddit]
<https://www.reddit.com/r/ACMQueue>   [image: ACMQueue RSS feeds]
<http://queue.acm.org/rssfeeds.cfm>

Unsubscribe
<https://optout.acm.org/unsubscribe.cfm?rm=xIlXboOA879BE6BF5BFC70B0CBFF20A534C139D7852466861676346494D656754494B71&ln=ACMQUEUE>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20191112/3162c0f9/attachment.html>