News Flash: Internet Accounts Sell For a Few Dollars

November 14, 2018

Blog

Cybersecurity firm outlines widespread availability of compromised usernames and passwords

Stolen account details for online entertainment services, such as Netflix and Spotify, are being sold on the black market for less than US$5 an account, according to an investigation by cybersecurity company Kaspersky Lab. In blog post, David Jacoby, a senior security researcher at Kaspersky, outlines how the widespread availability of stolen account details is driving down prices and even prompting some vendors to offer “lifetime warranties” so if one stolen account stops working, the buyer is given another for free.
The blog post explains that the most common way to steal account details is via phishing campaigns or by exploiting a web-related vulnerability, such as a SQL injection vulnerability. “The password dumps contain an email and password combination for the hacked services, but as we know most people reuse their passwords,” Jacoby writes. “So, even if a simple website has been hacked, the attackers might get access to accounts on other platforms by using the same email and password combination.”
He estimates that an individual’s “complete digital life” can be bought for less than US$50, adding: “We’re not talking about getting access to bank accounts, but you do get access to services where a credit card might be included such as Spotify, Netflix, Facebook and others.”

For more details, see the blog post on the Kapersky Lab web site

 

Back

Report: Mobile Connect Turbocharges New Services How Turkcell’s mobile authentication service is helping Turkey’s start-ups to grow This case study explores how Turkcell is harnessing the global Mobile Connect authenticatio...

Read more | See all Identity Resources

Identity Hangout: Decentralised Identity – Material The GSMA Identity team was joined by Andrew Tobin from Evernym to discuss the role of identity and the mobile industry in decentralised identity. Presentation Audio...

Read more | See all Identity Resources

MWC19 Barcelona Seminar Presentations The industry seminars at Mobile World Congress have developed a reputation for being one of the leading ways in which to discover the plans and motives of any given market. Below...

Read more | See all Identity Resources

Mobile Connect Platforms & Operations services The GSMA offers a series of technical platforms and services designed to help mobile network operators and service providers deploy Mobile Connect successfully. This document co...

Read more | See all Identity Resources

The Identity Guide to MWC 19 Barcelona With mobile internet traffic accounting for more than half of all global online traffic, the nature of digital identity is changing. Our impressions and personal information are ...

Read more | See all Identity Resources

Presentation: Identity Hangout Delivering Identity Services The first Identity Hangout: Delivering Identity Services on 5 December explored the value and commercial scalability of mobile-based identity services. The online event was targ...

Read more | See all Identity Resources

Biometric authentication is getting stronger – so we’ll be seeing David Pollington, Head of Service Access, Identity, GSMA Biometric authentication has been around for some time but is now becoming mainstream. Why? It’s mostly down to the wea...

Read more | Visit Identity Blog

Digital Identity: if you Streamline it, They Will Come Digital startups face all manner of challenges, and identity is no exception.  However strong the service offering, if registration and login processes detract from the user exp...

Read more | Visit Identity Blog

Flash News: Multi-factor Authentication Gains Traction Report says SMS is the most widely used method of adding an extra layer of security Almost 30% of businesses are now using multi-factor authentication to enable customers to acce...

Read more | Visit Identity Blog

News Flash: Big Names Back Digital ID Start-Ups SoftBank, Salesforce, Microsoft & PayPal make strategic investments in ID innovators SoftBank Investment, Salesforce Ventures and M12 (formerly Microsoft Ventures) all partic...

Read more | Visit Identity Blog

News Flash: Australia Accelerates Digital Identity Push Federal government allocates additional funds for myGovID system Australia’s government has injected a further AUS$67 million (US$48 million) into the development of its myGovI...

Read more | Visit Identity Blog

The Future of Digital Identity is Simplicity, Decentralisation and Con Last year was a complicated one for digital enterprise, with highlights and more bracing moments – and at the centre of that developing picture has been digital identity. On on...

Read more | Visit Identity Blog

Identity Hangout: Controlling fake online identities June 12, 2019 Hear what´s new in the identity space. This Hangout will focus on fake online identities and how the mobile industry can help control it....

Read more | See all Identity Events

Contact GSMA Legal Email Preference Centre Copyright © 2019 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.