In a dark web forum post, a threat actor has allegedly put up for sale access to an email account within the Italian Ministry of Internal Affairs. The post claims that the compromised email account contains approximately 400 emails.
The alleged seller outlines various ways in which the compromised email access could be exploited. These include reviewing sensitive government correspondence, submitting emergency data requests to major platforms, conducting phishing or ransomware attacks, and even accessing law enforcement portals. The threat actor also claims that the email could be used for social engineering tactics to gain access to investigative tools and intelligence platforms.
The threat actor has priced the alleged access at $300. The post includes specific examples of how the email could be misused, emphasizing its potential value to cybercriminals. The listing also suggests that the compromised email might be used to request confidential records, freeze cryptocurrency wallets, or execute scams leveraging the credibility of a government-affiliated address.
This alleged sale underscores the persistent risks posed by government email breaches, particularly when exploited for social engineering and cybercrime.
