What Can I Do With A Hijacked Email Account? Part 2

On Monday we opened this discussion about hijacked email accounts, and showed some examples of the phishing tricks that attackers use to get you to reveal your email password.  Today we will explore the many useful and profitable exploits that a compromised email account offers a cyber-criminal or other attacker.

I consider email account compromise to be one of the most personally harmful cyber-exploits.  When another person has access to your email ...

Continue Reading →
0

What Can I Do With A Hijacked Email Account? Part 1

Let’s say I just hijacked your email account.  What can I do with it?

First thing, a hijacker would not announce his or her presence in your account.  Staying undetected is important so you do not change your password.  Depending on what the attacker is doing with your email account, there is a significant probability that you would not know your account was compromised for several days, weeks, or even years!

In order ...

Continue Reading →
0

Speaking at 2017 ISSA International Conference

I am honored to be presenting at the 2017 ISSA International Conference, October 9-11 in San Diego, CA. This year’s theme is “Digital Danger Zone.” Please join me for networking, education, and fun.

I will be presenting “Shields Up for WordPress Web Sites and Blogs.”  This presentation covers the threat of website hijacking, what an attacker wants to do with your website, ...

Continue Reading →
0

Ransomware is not Dead Yet

Toward the end of last year I made a pair of bold predictions.  The first, that ransomware exploits would start declining, because anti-malware software companies were bringing products online that would prevent the encryption from taking place.  The second, there would be an increase in Business Email Compromise (BEC) exploits, as cyber-criminals turned to new income streams.  I was only half right.

BEC exploits have increased, because the potential returns are so ...

Continue Reading →
0

Another Lottery Scammer Nabbed by the Feds

We have reported previously about Operation Hard Copy.  This is from the US Department of Justice: The US Marshall’s Service arrested another member of the North Dakota lottery scam in Jamaica recently.

“United States Attorney Chris Myers announced today, that the U.S. Marshals Service, working with Jamaican law enforcement, has located and apprehended another man charged with participating in an international organized crime advance fee “lottery scam” which defrauded at least 90 mostly ...

Continue Reading →
0

Go Big or Stay Home

It is my belief that if you are planning a crime, you might as well go for the glory.  The jail time is the same whether you steal $50,000 or $50 million.

I’m not sure if this is the biggest phishing scam ever, but it is the biggest I’ve heard of.  A Lithuanian man named Evaldas Rimasaukas devised a scheme that extracted over $100 million from Google and Facebook.  He achieved this feat ...

Continue Reading →
0

Report and Recover from Identity Theft with New FTC Service

Identity theft is a crime that can take years to recover from.  One of the early problems for an identity theft victim has been the requirement to file a police report.  Many police departments do not devote much effort to identity theft, so sometimes getting the police to actually create a report and provide you with a report number can difficult.  If the ...

Continue Reading →
0

How Do You Know If Your Identity Was Stolen?

Identity theft can be devastating, and painfully hard to resolve.  It can have negative effects on your credit rating.  It could result in you being arrested for an open warrant on charges for a crime committed by the person who is using your identity.  Identity theft occurs in different ways.  Sometimes is is part of an online scam that may start with a ...

Continue Reading →
0
Page 1 of 2 12