ITBusiness.ca

More hackers hijacking email, Facebook accounts

More hackers are hijacking email and Facebook accounts but almost a quarter of their victims are doing nothing to prevent falling prey again, a new global study says.

The amount of spam sent by zombies from forged Hotmail addresses fellfrom 71.8 per cent to 64.8 per cent between Q2 and Q3 of this year. Butspam sent from actual valid Hotmail accounts that were compromised orset up by spammers grew from 28.2 per cent in Q2 to 35.2 per cent inQ3, according to “The State of Hacked Accounts,” astudy by cloud-based security provider Commtouch.

Yahoo was the most victimized account system (27 per cent ofthe total), followed by Facebook (23 per cent), Gmail (19 per cent) andHotmail (15 per cent). Other Web mail systems collectively made up theremaining 15 per cent.

“Spammers are increasingly movingtheir traffic from botnets to compromised emailaccounts wherever possible,” according to the report, which Commtouchcalls the first ever detailed analysis of hacked email and social mediaaccounts.

Email and social media are becoming preferred ways to spread spam sincethe Rustock botnet, which wasresponsible for 30 per cent of the world’s spam, was taken down by aMicrosoft Corp.-led consortium in March, the study suggests.

“(Email hijacking) just wasn’t that prevalent before. But when we sawit was still increasing we decided to do more research. We wanted toget more of the perspective of the end user,” said Rebecca Herson,vice-president of marketing at Commtouch’s global headquarters inNetanya, Israel.

Although email hijacking is heating up, many surveyed victims had alukewarm response after their accounts were compromised. Although threequarters of victims took action after discovering the breach (such aschanging passwords or running an antivirus program on their computer),23 per cent did nothing because they figured it was just a one-timefluke.
“I was really surprised,” Herson said of the lack of action by nearly a quarter of respondents. “If it was one time but (the hackers) didn’t actually steal their (online) credentials, they may be fine. But ifthey were stolen by a keylogger, it could also be stealing othercredentials that could lead to identity theft or theft of financial information.”

Keylogging software or hardware can be used to steal passwords andother sensitive data by tracking which keys someone hits while typingon their computer.

Those surveyed also appear to have a low level of awareness about howtheir accounts were hacked and what the hackers used them for. Themajority of respondents (54 per cent) said they only learned they hadbeen victimized after friends pointed it out. Although 54 per cent saidtheir accounts were used to send spam, 23 per cent said they don’t knowwhat hackers did with them.

While 15 per cent of victims believe their accounts were hacked during public wi-fi use and an equalpercentage listed a Facebook link as the probable culprit, most people(62 per cent) aren’t sure how their accounts got hacked.

“Our main tip is to use your head. Be cautious if you’re using a publicInternet terminal or wi-fi,” Herson said.

Although hijacked email accounts spread spam more slowly than botnets,the study says they are harder for most security systems to blockbecause they come from valid, whitelisted IP address ranges. Hijackedemail accounts also pose more danger, the report says, because theypoke a hole through one of the oldest, most basic security tips: onlyopen emails or attachments from sources you recognize and trust.

ChristineWong is a Staff Writer at ITBusiness.ca. Follow her on Twitter,and join in the conversation on the IT BusinessFacebook Page.
Exit mobile version