Yes, you read that right. There are online stores where thieves who collect other people’s identity information sell that information in bulk. These are Web Hosting account, Facebook accounts, Twitter accounts, etc. According to the article in CIO magazine, “Criminals Open ‘Factory Outlet’ to Sell Stolen Facebook and Twitter Logins” by John Dunn:
As well as Facebook and Twitter (useful for creating spamming accounts), the criminals offered account logins for a web hosting admin system cPanel, useful for anyone wanting to hijack a website to host malware.
It seems that criminals now want to harvest every login they find on a victim’s computer on the basis that it will have some value to somebody at some point.
“This latest development provides a window into the vast cybercrime aftermarket that has risen up on the internet and been made possible by sophisticated malware,” said Trusteer CTO, Amit Klein.
This is the future. This would not be possible without the attitude of people who discount the Tsunami of hackers and exploitative software that has hit the Internet over the past year. For the years past, people would hear of ideas like ‘update your password’ and ‘don’t use the same password’ or even ‘we need more training in the IT department’… and these bits of advice would fall upon nearly deaf ears. Typically there were no consequences. Today we cannot rest on the idea that people don’t have infected mobile devices or home computers. Carelessness of IT departments, carelessness of individuals, fear and carelessness of social media and software companies that are exploited are the friends of these hackers and identity wholesalers.
If your company is interested in figuring out how to protect themselves, please consider reading some of the information on this blog like here, here, here and here.
