There's not much authorities can do to prevent hackers from determining computer users' e-mail passwords, U.S. experts say.
Hacker services, usually based overseas, openly advertise that for as little
as $100, they can find out what someone's e-mail password is and provide it to
buyers, who can then use it to monitor the private communications of estranged
spouses, family members or whomever they choose, the Washington Post reported
a law professor at George Washington University and a former trial attorney in
the Justice Department's computer crime section, told the Post that while U.S.
law prohibits hacking into e-mail, it's only a misdemeanor without further
criminal activity. And as such, it is a low priority item for the FBI.
"This is an important point that people haven't grasped," added Peter
Eckersley, a staff technologist for the Electronic Frontier Foundation in San
Francisco. "We've been using e-mail for years, and it's been insecure all that
time. ... If you have any hacker who is competent and spends the time and
targets you, he's going to get you."
Experts said Web-based e-mail accounts are especially vulnerable because
hackers an exploit security flaws in Web browsers.