If you have a .edu email address, beware: the account name, password, and Other personal information associated with this account may be listed online. cybercriminals to buy.
The Digital Citizens Alliance reports evidence of threats of all kinds – including hacktivists, crooks and terrorists – selling identification information, including e-mails and passwords , or even free gifts.
Everything happens on the black web, a highly decentralized digital space where the buying and selling of goods, services and information is unregulated and often illegal.
Cyber criminals can sell or buy illicit and often stolen goods, such as music, movies, drugs, guns and even e-mails.
Why do shoppers want university email account credentials? They can use them to take advantage of academic discounts, such as computer software and Amazon Prime subscriptions, for example. They may also use them for phishing scams or gain more access to financial information, research, and other potentially sensitive information from the university, according to researchers.
Eric Mason, a senior from Ohio State University, said he had problems with his university credentials. After recently hacking his email account, he had to change his e-mail address and passwords associated with multiple accounts on websites such as Adobe.com and iTunes, for fear of compromising his account information. credit card.
"In one way or another, someone could get into my e-mail account and wreak havoc," Mason said. "I'm not really sure how my account was hacked or anything that has happened since then, but it makes me nervous and a little worried that it's so easy to do."
Many people reuse their campus user name to set up accounts for online services for the sake of convenience, and they may or may not use their associated .edu password, according to the report.
Mason said that he had received many phishing emails sent to his university account before, but he never clicked on the posts. Now, however, he is concerned about what could happen to other accounts associated with his university e-mail address.
"I had to go back and change my e-mail address and password for all my accounts because I had used the same identifier for everything, "he said. "I did not understand or realize how serious it could be until it happened."
The problem is widespread
Digital Citizens Alliance Deputy Executive Director, Adam Benson, said the nonprofit of Washington, DC wanted to demonstrate the scale of the problem and the complexity of large organizations trying to protect e-mail users .
"Higher education institutions have deployed resources and talents to make university communities safer, but highly skilled and opportunistic cyber criminals make it difficult to protect large groups of highly desirable digital targets." said Mr. Benson. "We have shared this information with cybersecurity researchers to better understand the types of threats that actors are able to do with a .edu account."