Account Vulnerability

It is expected that data breaches will become more and more profound in both reach and consequences as the years go on. The increased regularity of data breaches is the result of people’s general lack of knowledge about best practices for account and data security. Compromised accounts should be taken seriously, as they can lead to security and privacy intrusions and data theft that could be detrimental to both individuals and businesses.

Pawned Account Databases

On December 5th, 2017, a massive data dump was discovered on the dark web listing 1,400,553,869 usernames/emails and their clear-text passwords. Researchers claim it to be one of the “largest aggregate database found in the dark web to date.” (Forbes)

Much of the data dump was made up of a mix of other data dumps and leaked databases that had been previously posted to other hacking forums. Collecting large amounts of credentials to sell on hacking forums is not a new practice on the dark web. Such information is valuable to scammers who can use the data for phishing, blackmail and other attacks.

In our modern digital age, a compromised account can lead to serious consequences. For many of us, one of the most important account passwords is the one protecting our email account(s). In many cases, access to an email account means access to any other accounts linked with that email address. Most online accounts offer password reset through email. That means whoever is in control of that email account can reset the password of other accounts by simply requesting a password reset link via email.

The main culprit behind compromised credentials is that many people create weak passwords and have the bad habit of reusing passwords across multiple sites. Another mistake people often make is NOT taking advantage of multi-factor authentication options when they are available. Your passwords are worth way more to you than you realize, so it’s important that you learn the Best Practices for Securing Your Passwords.

Accounts and data that can be compromised through a hacked email include:

  • Financial:
    • Bank accounts
    • Change of billing
    • Cyberheist lure
    • Email account ransom
  • Employment:
    • Forwarded work documents
    • Forwarded work emails
    • FedEx, UPS & other shipping accounts
    • Salesforce, ADP accounts
  • Retail, Entertainment, & Social Media:
    • Online retail accounts (Walmart, Amazon, etc.)
    • YouTube, iTunes, Spotify, Netflix, Hulu, etc.
    • Facebook, Twitter, Tumblr, etc.
  • Personal Files & Information:
    • Your messages & calendar
    • Your Photos
    • Your Google/Skype chats
    • Call records (+mobile acct)
    • Your Location (+mobile/iTunes)

Hacked email accounts not only expose and exploit your personal information but can also expose the email addresses of your contacts. Your contacts can be spammed with junk messages and phishing emails containing harmful malware.

What You Could Lose...

The following is a real case:

Wildcard had been contracted by a client to examine a security incident in which an internal email sent to a client requested a change of the bank account and routing numbers to which a payment was supposed to be made.

Our investigation revealed that in the time leading up to the incident, numerous attempts had been made to try accessing the email web portal from different IP addresses located around the world. The email account that was eventually hacked used a very weak password which made it easy to crack and allowed the attacker to gain access to the company email server. By gaining access to the account username and password, the cyber-criminal was able to change the bank account and routing numbers associated with the company and ended up intercepting $750,000 worth of payments.
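The pattern found in this investigation, repeated failed logins from scattered IP addresses followed by a successful one, can be checked for in authentication logs. The following is an added example, not part of Wildcard's investigation or tooling; the log format, the thresholds and the function name flag_suspicious_logins are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: "<ISO timestamp> <account> <source IP> <OK|FAIL>",
# in time order. Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2024-03-01T08:00:00 alice 192.0.2.10 OK
2024-03-03T01:10:00 bob 198.51.100.7 FAIL
2024-03-03T01:40:00 bob 203.0.113.9 FAIL
2024-03-03T02:05:00 bob 198.51.100.44 FAIL
2024-03-03T02:30:00 bob 203.0.113.80 FAIL
2024-03-03T03:15:00 bob 198.51.100.7 FAIL
2024-03-03T03:20:00 bob 203.0.113.80 OK
2024-03-03T09:00:00 alice 192.0.2.10 FAIL
2024-03-03T09:00:30 alice 192.0.2.10 OK
"""

def flag_suspicious_logins(log_text, window=timedelta(hours=24),
                           min_failures=5, min_ips=3):
    """Return alerts for successful logins that follow a burst of failures
    from several distinct IPs, where the success comes from an IP that has
    never logged in successfully to that account before."""
    failures = defaultdict(deque)   # account -> deque of (time, ip)
    known_good = defaultdict(set)   # account -> IPs with an unflagged success
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                # skip blank or malformed lines
        ts, user, ip, result = parts
        when = datetime.fromisoformat(ts)
        recent = failures[user]
        while recent and when - recent[0][0] > window:
            recent.popleft()        # drop failures older than the window
        if result == "FAIL":
            recent.append((when, ip))
            continue
        ips = {src for _, src in recent}
        if (len(recent) >= min_failures and len(ips) >= min_ips
                and ip not in known_good[user]):
            alerts.append({"account": user, "time": ts, "ip": ip,
                           "failures": len(recent), "distinct_ips": len(ips)})
        else:
            known_good[user].add(ip)  # only unflagged successes build trust
        recent.clear()              # a success resets the failure streak
    return alerts

if __name__ == "__main__":
    for alert in flag_suspicious_logins(SAMPLE_LOG):
        print(alert)
```

On the sample, only the bob login is flagged; alice's single mistyped password from her usual address is not. A flagged login is a prompt to force a password reset and review mailbox rules and sent mail, not proof of compromise on its own.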


