Hackers Look for Easy Money in Victim Email Inboxes

A recent article published by independent security researcher Brian Krebs shed light on a long-term scheme run by a group of hackers, to steal gift cards from victim email inboxes.

Krebs used information supplied by a source who requested to remain anonymous but had hooks into a number of networks used by the hacker group. The discoveries made are very intriguing.

In a landscape where a major part of cyber security news releases are focused on ransomware, it is a little strange to see an examination of a different approach by hackers. The group described by Krebs' anonymous source is playing the long game - they are brute-forcing their way into as many email accounts as they can, but once in, they keep a very low profile.

The hackers attempt to hack into millions of email accounts each day, targeting almost all major email providers. Even though the conversion rate of successful breaches against total attempts is tiny - somewhere around 0.1%, this still means tens of thousands of breached accounts per day, simply because the automated scripts the hackers use allow them to attempt to get into millions of emails each day.

Once they have found their way into victims' inboxes, the hackers keep a very low profile and run another script that goes through inboxes, looking for specific keywords. The bad actors are looking for gift cards and similar loyalty program reward cards that they can steal, and then re-sell online.

The report states that similar digital gift cards sell for roughly 80% of their face value. With thousands of breached accounts to scan each day, the hackers are likely making a good bit of money with their criminal activities.

The thing that has helped this particular group keep doing this over the course of around three years is that the hackers keep a very low profile. There are no attempts to abuse the breached email accounts in any other way - no phishing out of contacts, no exploiting the breached account to use it like a spambot. All that this particular group of hackers cares for is the gift and loyalty program cards.

This low-profile approach focused on minimizing their footprint and traces on the victim accounts has allowed this group to thrive for a long time and steer clear of any intervention on part of the authorities, who are always more engaged in higher-profile attacks.

By Zaib
September 7, 2021
Computer Security
English
September 7, 2021
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Phishing, Scam

'Debt Settlement' Email Scam

You receive an email from a debt settlement company offering to help you out of your financial woes. They say they can set up a monthly payment plan to put towards your credit card debt, student loans, or medical... Read more

April 26, 2021
Computer Security

Ignoring Smart Doorbell Security Is Like Giving House Keys to Hackers

UK consumer protection organization Which? recently revealed that smart doorbells sold in big-name online retailers can contain major vulnerabilities. Together with NCC Group, another UK entity, Which? discovered that... Read more

November 26, 2020
Computer Security

Xerox Color Workstation Email

Xerox Color Workstation Email is the designation given to a campaign distributing malicious spam emails that carry keylogger malware. The lure used by the bad actors behind the campaign is a message urging the victim... Read more

May 20, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.