The price of a file of user credentials, or a dump if you want the hacker vernacular, depends greatly on the Internet service where it can be used, says Amichai Shulman, chief technology officer with data security specialist Imperva.
"Just five years ago, the illegal trade in credit card details was a rising problem for the financial services industry, as well as their customers, with platinum and corporate cards being highly prized by the fraudsters" Shulman told us, adding "Today, however, there are reports of Twitter credentials changing hands for up to $1,000 owing to the revenue generation that is possible from a Web 2.0 services account. This confirms our observations that credentials can fetch a high sum according to both the popularity of the application, and the `popularity' of the account in question".
Indeed, with the going rate of a stolen Hotmail account being a paltry $1.50 yet a Gmail account selling for an average of $80, the proof would appear to be in the eating of this particular criminal pudding. "As a service, Hotmail has fallen out of favour of serious Internet users" Shulman explains "while Gmail's all-round flexibility means it is central service for business users". And that means that stolen Gmail credentials are likely to provide access to a whole range of Google cloud services such as Google Docs and Adword accounts which, in turn, can open doors into company systems. Hence the added value of these compromised credentials.
As for Twitter, these compromised accounts are more valuable still as they offer an immediate 'in' to a network of contacts which can be used to unwittingly spread malware or perhaps drive a more targeted attack. "Twitter accounts are valuable to criminals that they will use almost any technique to harvest user credentials, including targeted phishing attacks. Once a fraudster gains access to a Twitter account, they can misuse it in a variety of ways to further their fraudulent activities" Shulman says, concluding "If this isn't a wake-up call to anyone with multiple IDs that use the same password, I don't know what is. Internet users - especially those with business accounts - need to use different passwords for different services, or they could face the disastrous consequences of taking a slack approach to their credentials".
Related Article:Hacking the NASA Twitter Account
is a Social Media and Communities news story by happygeek that has 2 replies, was last updated 2 years ago and has been tagged with the keywords: ebay, hack, mckinnon, nasa, news, security, space, spam, twitter.
Why would anyone invest money on buying a free Twitter account? Does Twitter really helps that much on increasing traffic and sales? I think that with $1000 you can invest in other marketing methods and get more out of it.
Some people have seen great traffic - this is what experts say at those conferences - but I personally only seen only a temporary lift. Thus, I personally think Twitter is good for people who have a big following and even with a 1% CTR - it can mean in the hundreds.