Cybercrime is increasing rapidly in India. Criminals take advantage of people by adopting various tactics and looting the hard-earned money of common people. In such a situation a great revelation has been made. It has been reported that cybercriminals are allegedly selling usernames and passwords of email IDs belonging to Indian government employees. If these emails are accessed, they could lead to a range of illegal activities, which could have serious consequences for individuals and businesses.
A hacker on a private forum claims that anyone can buy these government email accounts for a few thousand rupees. “Once you purchase access, you’ll be able to reset the password or do whatever you want with it,” reads a post on the hacking forum.
But how can these government emails be misused? Take “digital arrest” as an example. With basic information such as a person’s name, phone number, and address, which is often available in public records, cybercriminals can impersonate law enforcement officers, digitally arrest people, and extort large sums of money. Today, this tactic known as “digital arrest” has become a lucrative form of online fraud.
Now imagine what a cybercriminal could do if they knew what their target bought, who they sent money to, what they searched for online, what websites they visited, or who they chatted with on social media.
Earlier this week, the US investigative agency FBI had issued a warning that cybercriminals are using hacked government email accounts and fake court orders or subpoenas to demand information from private US companies.
Sale of .gov.in email accounts
Aaj Tak’s open source intelligence (OSINT) team found three listings on a private hacking and data selling platform, the most recent of which was posted on November 6, announcing the sale of email IDs and their passwords.
The team reviewed samples of nine email accounts with @tn.gov.in domains belonging to Tamil Nadu government officials, which a vendor was offering as part of a batch of 700 such credentials. One of these accounts appeared to be that of an IAS officer.
Although two-factor authentication is required to access government-issued email accounts, the Government of India mandated the use of the Kavach app developed by the National Informatics Center (NIC) in 2020. This app requires users to natives approve any login attempts from new devices. However, it seems that hackers have found a way to bypass this security measure.
Another cybercriminal in a secure chat with Aaj Tak claimed that he charged $150 (approximately Rs 12,600) for credentials for a government email ID. He offered to demonstrate access to these accounts by logging into one as a demo. The process involves an escrow service on the hacking forum, where administrators act as intermediaries, holding the buyer’s payment until the seller successfully logs into the compromised account.
Other providers offer “logs” that contain data that can be used to extract email usernames and passwords. “Today I will sell the Indian government records. The file contains more than 40,000 lines of records,” reads a forum post written by a cybercriminal in September this year.
fbi advice
The most dangerous activity that the FBI warned about in its advisory published on November 4 was that a compromised .gov.in email account could allow companies to make emergency data requests, falsely claiming that the information was available to someone needed for an investigation or to save. someone’s life.
FBI advisories and hacker posts indicate that hacked government emails could be misused to request call records from telecommunications companies, extort money, conduct scams, and facilitate crimes such as digital arrests. Some hacked emails can also be used to obtain information from social media platforms and cryptocurrency exchanges about their users.
