"The cybersecurity company FireEye has unearthed a team of email intruders that snoop through the correspondence of company executives who may possess market-moving information.
FireEye said the team has carried out attacks against nearly 100 publicly traded companies or their advisory firms in possible attempts to play the stock market. Most of the targets are health care or pharmaceutical companies. It noted that the shares of those firms can move dramatically after the announcement of clinical trial results, regulatory decisions or other significant developments.
FireEye has labeled the group FIN4 and says it focuses on capturing usernames and passwords to email accounts, which gives the group access to private email correspondence. The group does not use malware, which helps it evade detection.
they send emails from friends or contacts that ask you to fill in a form with your email credentials
than they use those email credentials to read over your shoulders your email
and this you can only end when your company emailservice does the same location control as Google and Yahoo - except when they do it from the same location or through a hacked site or a local proxy that gives the same protection
information is much more important than showing off that you have hacked or defaced something
the best solution is double authentification