Hundreds Of Email Accounts Of C-Level Executives Are Up For Sale, And It’s Scary!

The email accounts of numerous C-level executives around the world have been compromised and a threat actor is now selling their credentials online!

According to recently surfaced news, the data is currently being sold in a restricted underground forum for Russian hackers called ‘’. The username and password combinations are for Office 365 and Microsoft accounts which, according to the hacker, belong to executives in roles such as CEO, COO, CFO, CTO, President, Vice President and so on.

Source: KELA

Access to each executive’s email account is sold for $100 to $1500, depending on the company size and the employee’s role.


But, are these accounts legit?

Yes, they are! A source from the cyber-security community contacted the seller to obtain samples and verified the legitimacy of the threat actor’s claims. The source collected credentials for two accounts, one belonging to the CEO of a U.S. medium-sized business and another belonging to the CFO of an EU-based multi-chain retail outlet. Both of them turned out to be valid.

Source: KELA

The source, who requested not to be named, also mentioned that the seller refused to answer when asked how he had obtained the login credentials, but said that he had many more to sell in the near future.

KELA, a threat intelligence firm, took note of this incident and reported that the same threat actor had previously shown interest in buying “Azor logs”, which refers to data collected from devices infected with the “AzorUlt” infostealer trojan.

An infostealer trojan is a notorious kind of malware which logs usernames and passwords from browsers on the devices it infects. Later on, the operator who deployed the infostealer filters and organizes the data and puts it up for sale on various hacking forums.

According to Raveed Laeb, who is KELA’s Product Manager, this particular haul of corporate email credentials is highly valuable for cybercriminals, as there are a number of ways in which they can monetize it.


For instance, a cyber attacker armed with this data can use a company’s internal communication to pull off a ‘CEO scam’, in which employees are asked to wire the attacker large sums of money. This data can also be used by cybercriminals to access other, even more sensitive information, which can later become part of an extortion scheme. Alternatively, the compromised credentials can be used to bypass email-based 2FA, after which a hacker can conduct a network intrusion.

The recent Twitter hacking incident is a great example of how hackers can misuse the accounts of the who’s who of the industry. The accounts of Elon Musk and Jeff Bezos were used to put out a tweet asking users to send money to a particular account.

Nonetheless, it is being predicted that the email login details will mostly be used only in ‘CEO scams’, also known as BEC scams. Why so? Because a report by the FBI indicated that BEC scams were by far the most popular form of cyber attack in 2019, accounting for half of all monetary losses in cybercrime.

So, what exactly can you do to avoid falling prey to attackers who steal your login details in the first place? The easiest way is to set up a two-step verification (2SV) or two-factor authentication (2FA) solution.

By doing this, even if hackers somehow manage to steal your login details, they will be pretty much useless, as logging in would need an additional 2SV or 2FA verifier. We will keep you updated on all future developments. Until then, stay tuned.

