Businesses all over the world rely on email for correspondence with both partners and customers. It's a wonderful piece of technology when used appropriately, and yet many organizations get a little too liberal with their email usage. Specifically, many company leaders utilize the service to send and receive confidential documents. Email may be incredibly convenient, but it simply wasn't built for such a task.
There are many reasons for email security problems, but perhaps one of the most relevant reasons surrounds the LinkedIn data breach that occurred in 2012. Although this attack happened years ago, recent developments have shown the problem is much worse than previously thought. In fact, it is such a monumental breach that it very well could cover up some business email compromise scams.
"A hacker intends to sell around 117 million LinkedIn login credentials."
The breach was bigger than initially reported
Back in 2012, LinkedIn became aware that the passwords of a large portion of its users had been breached. Original research into the matter found that around 6.4 million passwords had been put on the Internet around this time, leading LinkedIn's administration to believe that this was the extent of the attack. However, this was only the beginning.
Recently, a hacker who goes by the pseudonym "Peace" contacted the staff at VICE Motherboard, stating that he intended to sell around 117 million login credentials for the site. Apparently, this individual got ahold of the information due to some poor storage behavior on LinkedIn's part. Although the site did use encryption for the passwords, it didn't use something called salting. This basically tosses in random chains of numbers into the already encrypted data. Hackers often look for patterns within encryption methods that would allow them to backtrack the information, and salting stops them from being able to do this.
Although LinkedIn should have been salting its passwords, uncovering these login credentials certainly wasn't easy and Peace wants to be compensated for his time here. The cybercriminal is asking for 5 bitcoins, which is around $2,200, for the data he has stolen. While buying login information from 2012 may seem absurd, the reality is that very few people actually change their credentials on a regular basis. In fact, VICE Motherboard has confirmed that certain users are still using the same password and login for the site that they did in 2012.
Jumping accounts is easy if you already have access to one
This hack may not have directly affected an email service provider, but it's certainly the next best thing for a hacker looking to worm his way into an organization. Many people connect their LinkedIn accounts with their work email, which makes it easy for criminals to access private company correspondence.
What's more, getting into a private email account in this fashion isn't something that only happens to the unfortunate or unlucky. In fact, a hacker used a similar method to gain access to CIA Director John Brennan's personal email account back in October 2015.
According to Wired, the whole incident began when the cybercriminal discovered that Brennan was a Verizon customer. After calling the company, the hacker stated that he was a technician who needed help with Brennan's account. He gave the Verizon worker a false employee verification number and received information about Brennan, including his AOL email address and some banking information.
Once the hacker had this data, he quickly called AOL customer support claiming to be Brennan. He asked AOL to change the account's password, and simply gave the representative all the information he got from Verizon in order to confirm his identity. In two short phone calls, a private citizen was given access to the CIA director's personal email.
What can a hacker do once he's in?
While it would seem the individual behind this incident was only committing the crime to draw attention to America's actions relating to Palestine, compromised email accounts can be incredibly dangerous in the wrong hands. In fact, the FBI has an entire term for the matter: business email compromise. This epidemic has become such a problem that BEC victims can expect to have around $130,000 stolen from them.
To make money out of one of these schemes, the hacker first needs to gain access to an email account. There are many ways to do this, but one of the easiest would be to buy credentials online like the LinkedIn information the hacker Peace is selling. These accounts are often linked to business email addresses, so gaining access after purchasing these credentials would be quick work.
After that, unlike Brennan's hacker, the criminals would stay quiet and wait. They wouldn't want attention drawn to them, so they would simply sit back and learn as much as they can about the employee they're impersonating. Once they get the mannerisms down, it's time to strike. Hackers will then send a very official-looking email from the account they've compromised, claiming that customer payment information has changed. They'll then put in a request for money, giving their own account data instead.
The reason this is so dangerous is because the message generally comes from a person with the authority to ask for new money orders. Few people question an email directly from a CEO, which is exactly what the criminal is hoping for. Before the hacked administrator even discovers what's going on, the hacker has cashed out and is gone for good.
FoIP is just more secure than email
Situations like these are exactly why so many organizations are making the switch to Fax over IP. People use their emails so much online that they just can't be considered secure. FoIP, on the other hand, is thought by many to be an incredibly safe means of communication. With tight administrator controls, encryption and a heavy company emphasis on security as a whole, FaxCore's FoIP solution is designed to be as secure as possible.
Enhance enterprise communication, collaboration and compliance efforts with a proven FoIP solution from FaxCore. Contact FaxCore today to learn more about their 'Partly-Cloudy' fax solutions.