Extortion email scams have been on the rise lately, fueled by multiple data breaches that have leaked mass amounts of personal information. MailGuard intercepted an extortion scam on the 8th of December morning (AEST).
The malicious emails are infiltrating inboxes using varying display names and subject titles. The message body is in plain text that uses many unicode characters to avoid detection. It claims that attackers have obtained recipients’ passwords and have installed special software on their devices to record recipients when they are viewing adult content. The email threatens the recipient that the recorded video will be released unless a payment is made in Bitcoin. A Bitcoin address is given in the form of a QR code image.
Here is a screenshot of the email:
This attack preys on a fear of humiliation and embarrassment to trick users. By telling victims that sensitive, personal and embarrassing information has been obtained, it evokes panic among users, motivating them to urgently provide the ransom money.
Scammers are attempting to blackmail me! Now what?
It is key to remember that this scam is fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia. This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you.
The password in the email is likely to be an old one. If it is still in use, we strongly recommend updating any service that may use the password.
To be safe, we also advise using unique passwords for every site you visit, and setting up 2-factor authentication where available.
Defend your inbox
Even the most experienced and savvy email users can have a moment of haste, carelessness or fatigue when their guard is down. Just practising good common sense isn’t enough anymore, because for scammers it’s a numbers game; they know that if they keep sending their scams, sooner or later we will slip up and do something we shouldn’t.
Extortion phishing scams can be enormously costly and destructive, and new scams are appearing every day. Don’t wait until it happens to you or someone in your business; take action to protect your inboxes, now.
For a few dollars per staff member per month, add MailGuard's cloud-based email filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: firstname.lastname@example.org
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.