Shift in the criminal underground market ecosystem changes threat-actor operations

Threat Actor Meta
First reported
Last updated
Happening score
H score 30
1 unique source, 1 article

Summary

Dark Web sellers are now commoditizing active law enforcement and government email accounts, raising the odds that trusted inboxes will be used for fraud and verification bypass. The accounts reportedly cost as little as $40 each and come from the US, UK, India, Brazil, and Germany. Buyers receive SMTP/POP3/IMAP access and can immediately send email or use government-only services. The shift from dormant or spoofed accounts to live inboxes makes the abuse more convincing and harder to block.

Timeline

  1. 14.08.2025 23:09 · 1 article · 9mo ago

    Active government email accounts sold on Dark Web markets

    Initial Disclosure

    Researchers at Abnormal AI reported that criminals are selling active law enforcement and government email accounts on underground markets for as little as $40 per account. The accounts are tied to the US, the UK, India, Brazil, and Germany and are marketed on encrypted messaging platforms such as Telegram or Signal. The sellers use credential stuffing, infostealer malware, phishing, and social engineering to obtain inbox access, then resell SMTP/POP3/IMAP credentials so buyers can immediately send email, access government-only services, and abuse trusted accounts for fraudulent subpoenas and verification bypass.
