Tuesday 07 July 2026 03:11:42 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Mailbox takeover

Unauthorized control of an email account, which can expose conversations, contacts, and internal trust relationships.

Mailbox takeover is unauthorized control of an email account. An attacker may gain access by stealing a password, abusing a reset flow, hijacking a session, or tricking a user into approving a sign-in. Once inside, the attacker can read messages, send mail as the victim, change recovery settings, and hide legitimate alerts.

It matters because email is often the root of organizational trust. A taken-over mailbox can reveal conversations, contact lists, attachments, and internal processes, and it can be used to impersonate the owner in spearphishing, invoice fraud, or further account compromise. In defense, teams look for impossible travel, new forwarding rules, suspicious OAuth grants, and repeated login failures. Phishing-resistant MFA, strong recovery controls, and mailbox auditing reduce the chance that one compromised inbox becomes a wider breach.

← WIKICROOK index