Man
Professional
- Messages
- 3,222
- Reaction score
- 810
- Points
- 113
Criminals have mastered a method of access that all companies believe.
The Federal Bureau of Investigation (FBI) has issued a warning to police and government agencies around the world about the need to strengthen the security of email systems. The reason is the growing number of cyberattacks, as a result of which attackers gain access to business emails and use them to send fake requests for data from large technology companies.
Cybercriminals are increasingly hacking into email addresses belonging to police and government agencies and sending Emergency Data Requests (EDRs) through them. Such requests allow you to bypass official procedures and access customers' personal information without a court order.
EDR requests allow investigators to argue that delay could result in a life-threatening experience, forcing companies to provide data quickly. Many tech giants, such as Verizon, are under pressure to fulfill such requests — in 2023, the company processed more than 36 thousand EDR requests.
Cyber forums are already offering to sell fake EDR services. One of the well-known hackers under the pseudonym "Pwnstar" advertises his services for $1000-3000, claiming to have access to email accounts from 25 countries, including India, Brazil and the UAE.
Some criminals do not limit themselves to fake requests, but sell access to hacked email accounts of the police and government agencies. This allows shoppers to submit data requests from social media and other online platforms on their own.
To combat this phenomenon, Kodex has developed a request verification system. Founded by former FBI agent Matt Donahue, Kodex allows tech companies to verify the authenticity of requests from the police. Over the past year, the system rejected 30% of the 1597 processed EDR requests, detecting their fakeness.
According to Donahue, the problem is not limited to foreign countries. Many U.S. police departments are also vulnerable due to weak email account security and a lack of multi-factor authentication. Hackers continue to use phishing attacks and malware to steal data.
Against the backdrop of an increase in attacks, the FBI strongly recommends strengthening security measures and using modern methods to protect email systems. This will help prevent the leakage of confidential information and the misuse of customer data.
Source
The Federal Bureau of Investigation (FBI) has issued a warning to police and government agencies around the world about the need to strengthen the security of email systems. The reason is the growing number of cyberattacks, as a result of which attackers gain access to business emails and use them to send fake requests for data from large technology companies.
Cybercriminals are increasingly hacking into email addresses belonging to police and government agencies and sending Emergency Data Requests (EDRs) through them. Such requests allow you to bypass official procedures and access customers' personal information without a court order.
EDR requests allow investigators to argue that delay could result in a life-threatening experience, forcing companies to provide data quickly. Many tech giants, such as Verizon, are under pressure to fulfill such requests — in 2023, the company processed more than 36 thousand EDR requests.
Cyber forums are already offering to sell fake EDR services. One of the well-known hackers under the pseudonym "Pwnstar" advertises his services for $1000-3000, claiming to have access to email accounts from 25 countries, including India, Brazil and the UAE.
Some criminals do not limit themselves to fake requests, but sell access to hacked email accounts of the police and government agencies. This allows shoppers to submit data requests from social media and other online platforms on their own.
To combat this phenomenon, Kodex has developed a request verification system. Founded by former FBI agent Matt Donahue, Kodex allows tech companies to verify the authenticity of requests from the police. Over the past year, the system rejected 30% of the 1597 processed EDR requests, detecting their fakeness.
According to Donahue, the problem is not limited to foreign countries. Many U.S. police departments are also vulnerable due to weak email account security and a lack of multi-factor authentication. Hackers continue to use phishing attacks and malware to steal data.
Against the backdrop of an increase in attacks, the FBI strongly recommends strengthening security measures and using modern methods to protect email systems. This will help prevent the leakage of confidential information and the misuse of customer data.
Source
