Report: Insights into attacker activity in compromised email accounts

Temas:

23 jul 2020

A specialized economy is emerging around email account takeover as cybercriminals find new ways to attack and exploit email accounts, and businesses need to be prepared to defend against these types of attacks.

Over the past year, Barracuda researchers teamed up with leading researchers at UC Berkeley to study the end-to-end lifecycle of a compromised account. Examining 159 compromised accounts that span 111 organizations, they looked at how the account takeover happens, how long attackers have access to the compromised account, and how attackers use and extract information from these accounts.

They share their findings in the new report Spear Phishing: Top Threats and Trends Vol. 4 — Insights into attacker activity in compromised email accounts.

Get your free copy right now!

New insights on account takeover

Barracuda’s research uncovered surprising details about these widespread and dangerous attacks, how cybercriminals behave in compromised accounts, and how that should guide your organization’s defense strategies. Highlights from the report include:

More than one-third of the hijacked accounts analyzed by researchers had attackers dwelling in the account for more than one week.

20% of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees’ personal and organization accounts.

In 31% of these compromises one set of attackers focuses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetizing the hijacked accounts.

78% of attackers did not access any applications outside of email.

Get your free copy of Spear Phishing: Top Threats and Trends Vol. 4 — Insights into attacker activity in compromised email accounts now to see all the revealing details, including the latest tactics used by scammers and the strategies and best practices to defend your business against these evolving attacks. Protect your business from cybercriminals finding new ways to leverage spear-phishing attacks and exploit compromised email accounts.

Get your free copy right now!

Anne Campbell

Como gerente senior de relaciones públicas y comunicaciones en Barracuda, Anne Campbell encuentra nuevas formas de utilizar el contenido para ayudar a los equipos de seguridad informática y a los socios del canal a mantenerse informados sobre las amenazas en evolución, las últimas investigaciones de la industria, las mejores prácticas de seguridad, y más. Anne pasó la primera mitad de su carrera como periodista de revistas y periódicos, y aporta ese punto de vista editorial a su trabajo en relaciones públicas y marketing de contenido.

Busque en el blog

Informe de Barracuda sobre Ransomware 2025

Principales conclusiones sobre la experiencia y el impacto del ransomware en las organizaciones de todo el mundo

Obtener el informe

Seguridad de vulnerabilidades gestionada: corrección más rápida, menos riesgos, cumplimiento normativo más fácil

Descubra lo fácil que es encontrar las vulnerabilidades que los ciberdelincuentes quieren explotar.

VER EL SEMINARIO WEB