Symantec Global internet Security threat report
accounts often have larger balances than those of personal accounts, resulting in significant losses when corporate account credentials are stolen. in 2009, for example, criminals used the valid online banking credentials of a business to steal over $800,000.200
Although the country in which the bank is located was sometimes included in advertisements, it did not noticeably affect the prices for this reporting period. Some advertisements for bank account credentials listed minimal details, such as the banking organization only. As with bulk credit card information, this may suggest that some advertisers prefer to negotiate rates on a per-customer basis rather than locking themselves into a set price.
the third most common item advertised for sale on underground economy servers observed by Symantec in 2009 was email accounts, making up 7 percent of the total. this was an increase from 5 percent in 2008. Having access to stolen email accounts has many benefits for criminals. the accounts can be used for sending out spam and/or harvesting additional email addresses from contact lists. recipients of spam email coming from a known email address may be more likely to trust the validity of the message.
Compromised email accounts can also often provide access to additional sensitive personal information such as bank account data, student identification numbers, mailing addresses and phone numbers, or access to other online accounts (social networking pages, online stock accounts, etc.) that people often store in saved personal emails. Such information can often be used for the password recovery option offered on many online registration sites that send the account holder a new password via email, potentially giving the fraudster complete access to these accounts. this danger is further compounded by the habit many people have of using the same password for multiple accounts. For example, in a major recent data breach it was discovered that simple passwords remain alarmingly popular, despite the risks of hacking.201 the fraudulently gained personal information can then be used to conduct additional identity theft and fraud.
the advertised prices of email accounts in 2009 ranged between $1 and $20 for each account. Most advertisements listed a flat rate, although some sellers also listed bulk purchase prices such as “30 for $150,” or “$1 each on bulk purchase.” Very few details regarding the email accounts were provided, indicating that the buyers may not be concerned with whether the accounts are for personal or business use. in addition, some of the advertisements stated that Web space was included with the email account and were listed at higher prices. iSps often include free Web space along with email accounts as a part of the service, which many people never use. Criminals who compromise these accounts can use the space to host phishing sites or malicious code without the knowledge of the account owner.
As in previous reporting periods, the observed distribution of goods and services advertised on underground economy servers continues to be focused on financial information, such as credit card information and bank account credentials. this suggests a trend in which criminals are more focused on purchasing goods that allow them to make a quick profit rather than on exploits that require more time and resources, such as scam pages and email lists for spamming. As steps are taken to make it more difficult to obtain and use this financial information, this trend will likely change, albeit gradually as new security technologies take time to be refined and implemented.