Hundreds Of CEO, CFO Email Passwords Are for Sale on the Dark Web

Onerep brings you the latest news from the world of data security. Stay tuned to learn about high-profile data breaches, impactful personal information misuse, and other cybersecurity incidents involving both businesses and individuals.

What Happened?

According to a ZDNet report from November 27, 2020, a hacker is selling email credentials belonging to C-level managers “on a closed-access underground forum for Russian-speaking hackers named” The prices vary from $100 to $1,500 depending on the company’s size and the executive’s position.

What Information Was Involved?

The compromised data includes email and password combinations for Office 365 and Microsoft accounts of CEOs, COOs, CTOs, CFOs and CMOs, and many others. 

The validity of the data was confirmed by an unnamed source from the cyber community who contacted the seller. The login credentials for two accounts obtained were identified as belonging to the CEO of a medium-sized US-based software company and the CFO of an EU-based retail store chain. The threat actor didn’t reveal how he received the credentials but stated he had “hundreds more to sell”.

What Are the Risks to You?

Below are just a few ways in which cyber criminals can exploit your corporate email address once they gain access to it.

Scamming Everyone in Your Contact List
Cyber criminals can use your address to send anything, from harmful malware to scams. If you’re an executive, they can manipulate employees into wiring them large sums of money or abuse your email credentials for CEO scams, also known as Business Email Compromise (BEC). According to the FBI’s Internet Crime Report, BEC attacks are a prominent threat that cost organizations an estimated $1.77 billion in 2019.

Compromising Other Systems Within Your Business
Your corporate email credentials can be exploited in order to gain access to other internal systems that require email-based 2-factor authentication. The next step bad actors may take is hacking other employees’ accounts or conducting a network intrusion.

Holding Your Email Inbox Ransom
In this case, you will get your email account back only after you’ve paid the bad actors what they’re asking for.

Stealing Your Identity
If the hacker gains access to your personally identifiable information (e.g. your Social Security number or credit card details) through your email, they can easily steal your identity. If your email address has been compromised, look for these signs to spot identity theft.

Is There Anything You Can Do?

  • Lock Down Your Accounts: Check all other accounts and information linked with the compromised email address. Cut off access by changing the password or changing other settings on those accounts.

  • Notify Necessary Parties: Contact everyone you’ve previously emailed. It’s important to reach out to your business partners who might have sensitive information stored on their email accounts. Also, be sure to notify your banks and other financial institutions (or at least change the verification account info as we advise above).

  • Contact IT and Your Email Provider: Call your company’s IT team. They’ll know how to reduce the damage and secure the network against further attacks. Look up your email provider’s guidelines for compromised accounts and contact them to report the hacking incident.

  • Clean Up Your Email: Once you regain access to your email, try to identify how you lost it in the first place. You might have malware on your system, in which case you will have the same problem over and over again if you don’t eliminate the threat.

  • Ensure the Best Possible Protection: After you’ve taken the above measures, make sure to use strong security questions, original passwords, and two-step verification to add an extra layer of security for your accounts.

Compromised Email Is a Threat to Your Business and Your Identity

Hacked email accounts are a common source of sensitive information for identity thieves. 

Follow the instructions above to protect your corporate and personal accounts. Also, make sure you take steps to secure your identity. Onerep can help. We monitor your personal information online and remove details like email address, phone number and other sensitive data from 196 people-search engines.


Maria Shishkova

Digital Marketer & Privacy Expert at OneRep