Wednesday, June 26, 2013

How much is your Gmail account worth to a hacker?


The University of Illinois has a pretty neat web tool that calculates your risk exposure and makes some (pretty sensible) recommendations to help you lock this down:
The brainchild of researchers at the University of Illinois at Chicago, Cloudsweeper’s account theft audit tool scans your inbox and presents a breakdown of how many accounts connected to that address an attacker could seize if he gained access to your Gmail. Cloudsweeper then tries to put an aggregate price tag on your inbox, a figure that’s computed by totaling the resale value of other account credentials that crooks can steal if they hijack your email.

In a blog post earlier this month titled The Value of a Hacked Email Account, I noted that many people do not realize how much they have invested in their email account until that account is in the hands of cyber crooks. That post quoted prices from one seller in the cybercrime underground who buys compromised accounts, such as hacked iTunes accounts for $8, or credentials to for $5, for example.
If you use Gmail, you should go run this tool.


Dave H said...

I scored a goose egg, but that's no surprise because 1) I don't use Gmail for anything but access to Google services, and 2) I use a POP mail reader, and I don't leave anything on the server after I download it to my home computer.

Matt W said...

If that is a screenshot of your own analysis - our accounts are worth the same amount of money... Yay?

Eagle said...


Looks like Dave and I either (a) understand the worthlessness of keeping anything important on "the cloud", or (b) neither of us is socially active enuf on that thar innernetworking thingy...

Pachydermis2 said...

I also was left with a non existent sense of worth!

Or rather, since my gmail is essentially a spam catcher, a sense of accomplishment.