Comments on: Email hacking for hire going mainstream http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/ WEBROOT - INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS Thu, 23 May 2013 07:00:37 +0000 hourly 1 http://wordpress.com/ By: Email hacking for hire going mainstream – part three « Webroot Threat Blog – Internet Security Threat Updates from Around the World http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-107261 Mon, 21 Jan 2013 07:00:31 +0000 http://blog.webroot.com/?p=5703#comment-107261 [...] as we anticipated on two occasions in 2012, managed email hacking for hire services continue popping-up at publicly [...]

]]> By: Email hacking for hire going mainstream – part two « Webroot Threat Blog http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-44046 Mon, 02 Apr 2012 20:45:00 +0000 http://blog.webroot.com/?p=5703#comment-44046 [...] Remember the email hacking for hire service which Webroot extensively profiled in this post “Email hacking for hire going mainstream“? [...]

]]> By: 電子メールのハッキングはレンタルサービスが主流に « ウェブルート ブログ 日本版 http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-42377 Wed, 21 Mar 2012 08:35:06 +0000 http://blog.webroot.com/?p=5703#comment-42377 [...] ※この記事は1月5日に更新された英語版の参考和訳です。 [...]

]]> By: Paralegal http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-36391 Tue, 07 Feb 2012 17:47:07 +0000 http://blog.webroot.com/?p=5703#comment-36391 I’ve been reading a lot of your blogs and loving the information and knowledge you provide…I really can NOW believe that people are breaking into email accounts and telling the authorities that they are only recoving passwords for the user…Right?

Okay…That is really wrong and your articles make me want to really rethink what I’m doing with my emails accounts…I don’t even know if someone can get into my account…Or if someone is in there now…Wow…

Plus, you information on those now “brute-forcing tools” that can break through that CAPTCHA safety gate and get you!
It’s really amazing you know this stuff and tell others…
I just don’t get it…Being older I need to start telling all my friends about the power of your knowledge…I have to be careful…Thanks again for you help…

I don’t have time, although I would love to respond to all you articles, blogs or words, but you really have opened up my world today on so many things…Just learning a lot of this now! :-)

]]> By: Paul Williamson http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-32009 Fri, 06 Jan 2012 11:04:13 +0000 http://blog.webroot.com/?p=5703#comment-32009 This is one argument for the use of an email solution that uses a pop3/smtp client (such as Outlook) that downloads and keeps your mail on your local hard drive. I notice the services that they offer to “hack” are all web based email services.

I wonder how these “hackers” would go breaking into a local email store without resorting to social engineering tactics

]]> By: Steve Wynkoop http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-31884 Thu, 05 Jan 2012 22:06:21 +0000 http://blog.webroot.com/?p=5703#comment-31884 Thanks for the advice and reply.

]]> By: Lisa Bongiovanni http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-31882 Thu, 05 Jan 2012 21:55:08 +0000 http://blog.webroot.com/?p=5703#comment-31882 Due to the nature of these services using outsourced hackers to actually carry out the hacks it’s hard to say what exact methods each of these services uses to perform the hack. As mentioned, botnets, social engineering tricks and spear phishing attacks are all used by these hackers and all take different methods to combat them. While Webroot SecureAnywhere protects against a plethora of attacks much of the security of your email account is up to you – most namely your choice of a password and your vigilance in responding to, or not responding to phishing attempts. Webroot SecureAnywhere Complete has a password manager built into it that encrypts your passwords and makes them easy to manage and also much more difficult to hack. Using social engineering to manipulate people to willingly provide their login and/or password can happen on almost any online platform you can think of and is up to the user to be aware of the deception and not give-up their personal information to anyone.

]]> By: Steve Wynkoop http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-31869 Thu, 05 Jan 2012 20:36:46 +0000 http://blog.webroot.com/?p=5703#comment-31869 These blog posts are all very interesting in an academic sort of way. But, what I want to know is: Does my Webroot Secure Anywhere package protect me? If not, why not? And what should I be doing in addition to secure my Internet activities?

]]> By: ddanchev http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-31867 Thu, 05 Jan 2012 20:31:36 +0000 http://blog.webroot.com/?p=5703#comment-31867 Modern brute-forcing tools have built-in CAPTCHA solving API that relays the CAPTCHA to a vendor of CAPTCHA solving services. Find more details about these vendors here:

http://www.zdnet.com/blog/security/inside-indias-captcha-solving-economy/1835

Best,
Dancho

]]> By: Daniel Wolf http://blog.webroot.com/2012/01/05/email-hacking-for-hire-going-mainstream/#comment-31866 Thu, 05 Jan 2012 20:29:52 +0000 http://blog.webroot.com/?p=5703#comment-31866 So they can just bruteforce an account login? Doesn’t Google/these other services implement rate limiting? I know Google will throw up a CAPTCHA if you fail more than 3 times or so.

I don’t understand how they are doing this.

]]>