Technology

Bank employees register work emails on streaming, social, and adult sites: Kaspersky report

Published by
Digital Desk

ISLAMABAD: Employees may also use corporate emails to register for personal accounts on marketplaces and social media, increasing the risk of account theft and corporate security breaches, according to a study by Kaspersky Digital Footprint Intelligence.

Kaspersky experts analyzed compromised credentials leaked on the dark web between 2019 and 2024 for three popular entertainment platforms: Roblox, Discord, and Netflix. The analysis revealed that, on average, 7% of users whose accounts were leaked had registered on these platforms using a corporate email address.

“Registering on various services for personal use with a work email is not best practice. First, you may lose access to these accounts if you change jobs. Second, it can pose security risks for both you and your company. If your passwords follow a predictable pattern across different services, it increases the likelihood of other accounts being compromised, including your work account, should your corporate email be exposed in a dark web leak,” explains Sergey Shcherbel, expert at Kaspersky Digital Footprint Intelligence.

Kaspersky experts also found that bank employees most commonly registered their work email addresses on streaming services, marketplaces, and social networks. In a few cases, corporate emails were also used as logins on gaming platforms and adult content websites.
To conduct this study, experts compiled a sample of 50 banking sector companies and examined compromised credentials leaked on the dark web, identifying those linked to the corporate domains of these companies across five categories of popular platforms.

Learn more in the report. In light of these growing infostealer threats, Kaspersky has launched a dedicated landing page to raise awareness of the issue and provide strategies for mitigating associated risks.

If you encounter a data leak through infostealers, change compromised account passwords and monitor for suspicious activity associated with those accounts. Run full security scans on all devices, removing any detected malware. Companies are recommended to monitor dark web markets proactively to detect compromised accounts before they pose risks to customers or employees. A detailed guide on setting up monitoring can be found here.

Leverage Kaspersky Digital Footprint Intelligence to track what cybercriminals know about your company’s assets, identify potential attack vectors, and implement protective measures in a timely manner. As an enterprise, implement a security awareness program for employees, including regular training and performance assessments. Enforce a strict password policy for all corporate resources to reduce the risks of encountering credential-related cyber threats.

Digital Desk

Recent Posts

Afghan Women’s refugee team could Play International matches by 2030

DUBAI: The International Cricket Council (ICC) is considering plans that could allow the Afghan women's…

30 minutes ago

US-Iran tensions spark fears of fuel price hike in Pakistan

ISLAMABAD: Escalating tensions between the United States and Iran have once again unsettled global oil…

51 minutes ago

ICC Arbitration Puts Pakistan’s Energy Sector Under Pressure

ISLAMABAD: Pakistan's energy sector is headed for another high-stakes international commercial arbitration, with Petrosin CNG…

1 hour ago

5-Year employees asked to submit documents

PESHAWAR: Documents have been sought from employees who have completed 5 years of service for…

2 hours ago

Hot, Humid weather to continue, Rain expected

ISLAMABAD: The Meteorological Department has predicted rain with thundershowers in various cities. According to the…

2 hours ago

Suzuki Cultus new prices revealed in Pakistan

ISLAMABAD: Pak Suzuki’s latest financing policy has released the prices of all Cultus variants, total…

2 hours ago