Cybercriminals specifically targeting finance department email addresses

Nearly 5,000 British finance department email addresses up for sale on dark web

Cybercriminals are specifically targeting finance department email addresses and selling them on the dark web.

Cyber security firm Digital Shadows has found almost 5,000 email addresses of British finance departments up for sale to criminals ready to scam companies.

Overall, Digital Shadows discovered nearly 34,000 finance department email addresses circulating on criminal forums. This information is so valuable to scammers that one individual is offering up to $5,000 (£3,851) for a single username and password pair.

Recent research from the FBI suggested scams resulting from business email compromise, such as fake invoices, have cost businesses $12 billion globally over the last five years. In Britain, losses from so-called mandate fraud more than doubled in the past tax year to £77 million, costing UK businesses on average £23,000 for each successful scam.

The research shows that companies are unwittingly making it easy for criminals. Poor security, such as not updating back-ups, has left more than 12 million email archives, including entire company inboxes, exposed and available to buy on criminal networks.

Digital Shadows also discovered that sensitive, personal and financial information was freely available, with 27,000 invoices, 7,000 purchase orders, and 21,000 payment records up for grabs.

And criminals offer to hack into business email systems for as little as $150 – with results available in less than one week. Others offer to take a cut of the total money scammed out of companies in exchange for providing email addresses of company finance departments.

Rick Holland, chief information security officer at Digital Shadows, said: “Millions of companies are already exposed through misconfiguration issues or finance department emails and passwords circulating online. With the right knowledge it is relatively easy for cybercriminals to find whole email boxes and accounting credentials – indeed we found criminals actively looking for them.”