searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • (IN)SECURE Magazine

Featured news

  • Now-fixed Linux kernel vulnerabilities enabled local privilege escalation (CVE-2021-26708)
  • Exchange Servers targeted via zero-day exploits, have yours been hit?
  • 10 strategies small security teams can use for effective cybersecurity management
  • Enterprises observing uptick in risky behaviors since shift to remote work
  • How to tackle modern agriculture security challenges
Help Net Security
Help Net Security
July 27, 2020
Share

Attackers have created a specialized economy around email account takeover

Barracuda released key findings about the ways cybercriminals are attacking and exploiting email accounts. The report reveals a specialized economy emerging around email account takeover and takes an in-depth look at the threats organizations face and the types of defense strategies you need to have in place.

email account takeover

Report highlights

  • More than one-third of the hijacked accounts analyzed by researchers had attackers dwelling in the account for more than one week.
  • 20% of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees’ personal and organization accounts.
  • In 31% of these compromises one set of attackers focuses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetizing the hijacked accounts.
  • 78% of attackers did not access any applications outside of email.

email account takeover

“Cybercriminals are getting stealthier and finding new ways to remain undetected in compromised accounts for long periods of time so they can maximize the ways they can exploit the account, whether that means selling the credentials or using the access themselves,” said Don MacLennan, SVP Engineering, Email Protection at Barracuda.

“Being informed about attacker behavior will help organizations put the proper protection in place so they can defend against these types of attacks and respond quickly if an account is compromised.”

More about
  • account hijacking
  • Barracuda Networks
  • cyberattack
  • cybercriminals
  • cybersecurity
  • email
Share this
bot

Proliferation of sneakerbots across industries: The long tail of DIY bot operators

  • Preparing for the Cybersecurity Maturity Model Certification onslaught
  • Protecting the digital workplace with an integrated security strategy
Free certification Exam Action Plan from (ISC)²

What's new

Microsoft Exchange

Exchange Servers targeted via zero-day exploits, have yours been hit?

10 CISO strategies

10 strategies small security teams can use for effective cybersecurity management

work from home

Enterprises observing uptick in risky behaviors since shift to remote work

bot

Proliferation of sneakerbots across industries: The long tail of DIY bot operators

Don't miss

Microsoft Exchange

Exchange Servers targeted via zero-day exploits, have yours been hit?

bot

Proliferation of sneakerbots across industries: The long tail of DIY bot operators

10 CISO strategies

10 strategies small security teams can use for effective cybersecurity management

puzzle

Preparing for the Cybersecurity Maturity Model Certification onslaught

malware

Multi-payload Gootloader platform stealthily delivers malware and ransomware

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • Twitter

In case you’ve missed it

  • How do I select a cloud security solution for my business?
  • Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations
  • How do I select a network monitoring solution for my business?
  • Tips for boosting the “Sec” part of DevSecOps

(IN)SECURE Magazine ISSUE 67 (November 2020)

  • Hardware security: Emerging attacks and protection mechanisms
  • Justifying your 2021 cybersecurity budget
  • Cooking up secure code: A foolproof recipe for open source
  • Mapping the motives of insider threats
Read online
© Copyright 1998-2021 by Help Net Security
Read our privacy policy | About us | Advertise