Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Much Is Your Gmail Account Worth To Crooks?

Posted by Soulskill on from the single-point-of-failure dept.

tsu doh nimh writes "If you use Gmail and have ever wondered how much your account might be worth to cyber thieves, have a look at Cloudsweeper, a new OAuth service launching this week that tries to price the value of your Gmail address based on the number of retail accounts you have tied to it and the current resale value of those accounts in the underground. From KrebsOnSecurity: 'The brainchild of researchers at the University of Illinois at Chicago, Cloudsweeperâ(TM)s account theft audit tool scans your inbox and presents a breakdown of how many accounts connected to that address an attacker could seize if he gained access to your Gmail. Cloudsweeper then tries to put an aggregate price tag on your inbox, a figure thatâ(TM)s computed by totaling the resale value of other account credentials that crooks can steal if they hijack your email.'" A recent report from Kaspersky (PDF) also highlighted the trend toward phishing attepts targeting Facebook, Google, and Yahoo accounts alongside bank accounts.

12 of 80 comments (clear)

  1. Wait just a second by Russ1642 · · Score: 5, Insightful

    "You're at risk!!! Download this scanning tool now to determine your chances of getting pwned." Where have I seen this kind of language before?

    1. Re:Wait just a second by maliqua · · Score: 5, Funny

      the university of Illinois computer science department...?

    2. Re:Wait just a second by houghi · · Score: 4, Funny

      And not just downloading. You need to give them temporary access. I will do that right after securing my Visa Card.
      On their site they call it "Temporary Limited Access" and that is exactly what I tell the ladies. Nothing can happen, although one is a slightly pregnant right now, but that is also just temporary.

      --
      Don't fight for your country, if your country does not fight for you.
    3. Re:Wait just a second by Anonymous Coward · · Score: 5, Funny

      the university of Illinois computer science department...?

      Well known scammers:

      Dear Friend I am Professor Joseph Otumba of the university of Illinois computer science department and I wish to speak to you on the most urgent matter of your gmail account....

  2. Great Idea!! by canadiannomad · · Score: 4, Insightful

    Now just let me hand over the keys to all my private mail to someone who will quickly be able to deduce how much it is worth.... /sarcasm>

    --
    Hmm, the humour and sarcasm seem to have been be lost on you.
  3. People Who Bought... by Anonymous Coward · · Score: 3, Funny

    People who bought "$5,000 offshore banking money transfer" also bought:

    1. Krugerrands
    2. The Complete Book of Money-Laundering
    3. $1,000 Amazon Gift Cards
    4. $4,600 Donation to 2012 Obama for America Campaign
  4. A PSA from your "friends" at CloudSweeper: by CanHasDIY · · Score: 4, Funny

    Hi! We just noticed the word, "SUCKER," printed on your forehead in big bold text, and thought you would be interested in our exciting new offer...

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  5. A rough appraisal by Russ1642 · · Score: 4, Funny

    About tree fiddy

  6. Re:So... how much is it worth? by djsmiley · · Score: 3, Insightful

    please let us have access to all your email and search through it to tel you how much a random person would like to have access to all your email and search through it...

    --
    - http://www.milkme.co.uk
  7. Thats kind of crazy to me. by Marrow · · Score: 4, Insightful

    Why does amazon ( a serious competitor for Google Play) take it upon themselves to send an email showing the complete details of your transaction. Which Google can then scan and learn about Amazons customers and attempt to drive them to Google Play. It seems like all the web vendors want to give all their customer information to Google. Im sure Google appreciates the efforts on their behalf.
    There should be very little detail in these transaction confirmations. And they should be optional. Or maybe SMS should be an option. But to give your competitor the names of your competition and what they like to purchase is just plain crazy to me.

    1. Re:Thats kind of crazy to me. by Anonymous Coward · · Score: 3, Insightful

      Nobody's forcing you to use gmail. Get a domain and an email only account with any web host and for about $15/month you can have mailboxes that are very private, and especially ad-free.

  8. It's called a "receipt" by sirwired · · Score: 3, Insightful

    So, what exactly is Amazon supposed to do? Most people LIKE getting their transaction details sent to them; it's called a "receipt", and it serves as proof you bought whatever it is you think you bought, should this ever be up for dispute. Most people expect to receive a receipt for every electronic transaction, even if it isn't strictly necessary.

    And the same thing could be said about any commercial e-mail service... nothing stops Mom-n-Pop ISP from mining your e-mail for data (or selling mining access to somebody who can.)

    In any case, Amazon doesn't seem to be too bothered by the prospect...

    If you don't trust GMail e-mail scanning, get your address elsewhere.