Recently, The email accounts from top universities across the world being sold on Taobao, the largest consumer-to-consumer (C2C) e-commerce platform in China.The accounts offer various benefits, which include registration to software developer programs, discounts from certain retailers, as well as access to academic databases.
The investigation began with a Chinese language search for “edu mailbox” in Taobao, which returned 99 results related to stolen university email accounts. The most expensive account was listed at ¥2400 RMB ($390.80 USD), while the cheapest was only ¥0.98 RMB ($0.16 USD).
19 educational institutions in the US were robbed of the accounts, among the owners being MIT, Stanford, Yale, Princeton, Harvard, Purdue, Columbia, Cornell, University of Chicago, and New York University.
In China email accounts was stolen from 14 institutions. South East University, Peking University, Shanghhai Jiao Tong University, Hong Kong University and China University of Geosciences were among the owners.
“The sellers advertised that the email accounts are valid, accessible and active and also they mentioned about the benefits and features they provide”, says the report.
Prices ranged from 0.98 RMB ($0.16 / €0.12) to 2400 RMB ($390 / €300), one of the most popular being sold at least 569 times and offering the possibility to perform a developer unlock on Windows Phone devices without having to pay the regular fee.
In other cases, the email accounts would offer significant student discounts at different retailers, such as Amazon, BestBuy, Apple and Dell.
Access to restricted content from a university was the third benefit touted by the sellers. This included tapping into resources from the library, as well as documentation and research studies.
The risk stemming from the compromise of the accounts includes phishing attacks which could led to attack and steel sensitive information relating to researches and financial data
“Some of the educational organizations have two-step verification feature set in place to protect against fraudulent email account log-ins”, says Palo Alto Networks