Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

    iStock-1176428256ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:

    "A threat actor is currently selling passwords for the email accounts of hundreds of C-level executives at companies across the world. The data is being sold on a closed-access underground forum for Russian-speaking hackers named Exploit.in, ZDNet has learned this week.  The threat actor is selling email and password combinations for Office 365 and Microsoft accounts, which he claims are owned by high-level executives occupying functions such as:

    • CEO - chief executive officer
    • COO - chief operating officer
    • CFO - chief financial officer or chief financial controller
    • CMO - chief marketing officer
    • CTOs - chief technology officer
    • President
    • Vice president
    • Executive Assistant
    • Finance Manager
    • Accountant
    • Director
    • Finance Director
    • Financial Controller
    • Accounts Payable

    Access to any of these accounts is sold for prices ranging from $100 to $1,500, depending on the company size and user's role. A source in the cyber-security community who agreed to contact the seller to obtain samples has confirmed the validity of the data and obtained valid credentials for two accounts, the CEO of a US medium-sized software company and the CFO of an EU-based retail store chain.

    The source, which requested that ZDNet not use its name, is in the process of notifying the two companies, but also two other companies for which the seller published account passwords as public proof that they had valid data to sell. These were login details for an executive at a UK business management consulting agency and for the president of a US apparel and accessories maker.

    I don't have to tell you the risks that this brings related to CEO Fraud, also known as Business Email Compromise. ZDNet has the full story:

    https://www.zdnet.com/article/a-hacker-is-selling-access-to-the-email-accounts-of-hundreds-of-c-level-executives/

     

    Return To KnowBe4 Security Blog

    Get Your CEO Fraud Prevention Manual

    CEO-Fraud-Prevention-Manual-WP-FannedCEO fraud has ruined the careers of many executives and loyal employees, causing over $26 billion in losses. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

    Get Your Manual

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ceo-fraud-prevention-manual

    Topics: Phishing, Spear Phishing, Security Awareness Training, IT Security, CEO Fraud

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews