If your inbox was held for ransom, would you pay to get it back?
In his article, “The Value of a Hacked Email Account,” former Washington Post reporter Brian Krebs diagrams multiple services that are typically linked to an email account. When the email account is hacked and comes under a criminal’s control, those other services and accounts are also controlled by the criminal. Do you login to your financial accounts with your email address? After you shop online, do receive confirmations and shipping notices by email? Do you discuss research projects with your office colleagues by email? Do you send or receive payroll information via email? Personal data, photos, health matters… all these messages can add value to your email account on the black market.
Want to guess how much your iTunes account is worth? Answer: $8 in June 2013. In fact, if you had only the highest-value 6 of the 18 accounts mentioned in Kreb’s 2013 article, your email account was worth around $30 at that time. And that is not what YOU would be willing to pay if your inbox was held for ransom. That is just a starting street price for your account information on the black market.
Marc Scarborough, IT Security Officer at Rice University, continues advocating the same precautions that Krebs uses to conclude his article: multi-factor authentication and safe computing to ensure your devices are not infected with password seek-and-send malware. Scarborough also urges the use of different passwords for different accounts.
Contact the IT Help Desk (713.348.4357, helpdesk@rice.edu) if you think your Rice NetID password may have been compromised in a phishing campaign or other criminal activity.