This is a heads-up about a new aggressive form of email attack that you need to warn your employees, friends and family about.
The bad guys have beta-tested and refined it in Australia, and now the first incidents have been spotted in the U.S.
The sophisticated attackers are targeting potential victims in an email sequence that starts with pornography and adult dating links, which then are followed up with extortion attempts.
Information technology security company Forcepoint said it picked up more than 33,500 such emails in August, when the testing was happening Down Under.
The scam threatens to steal users’ privacy, sequencing emails that say “look at this” and then “we know what you just looked at.” Scammers demand $320 payment in bitcoin.
The email claims that a virus was installed on a porn website which recorded the victim through their webcam.
“Then my software collected all your contacts from messengers, emails and social networks,” it said. “If I don’t receive my bitcoins, I’ll send video with you to all your contacts.”
Carl Leonard, principal security analyst at Forcepoint, said cyberextortion was a prevalent tactic today. While it largely takes the form of ransomware, he said data exposure threats were growing in popularity.
“Cyberblackmailing continues to prove as an effective tactic for cybercriminals to cash out on their malicious operations,” he said. “In this case, it appears that a threat actor group originally involved in adult dating scams have expanded their operations to cyberextortion campaigns as a result of this trend.”
Email addresses specifically targeted
Leonard said company email addresses were specifically targeted, which would have added additional pressure to potential victims, since it implies that a recipient’s work PC was infected and therefore may taint that person’s professional image.
“It is important for users to verify claims from the internet before acting on them,” he said. “Most online attacks today require a user’s mistake before actually becoming a threat. This is something that can be mitigated by addressing the weakness of the human point.”
But Leonard said the scale of this campaign suggested the scammers were bluffing about having compromising information.
“If the actors did indeed possess personal details of the recipients, it seems likely they would have included elements, such as name, address or date of birth, in more targeted threat emails in order to increase their credibility.
“This led us to believe that these are simply fake extortion emails. We ended up calling it ‘faketortion.’ ”
I suggest you send the following to your employees, friends and family. You’re welcome to copy, paste and/or edit:
“There is a new, sophisticated email scam you need to watch out for. Bad guys first send emails with links to inappropriate websites to business email addresses, and then follow up with extortion threats, claiming your workstation is infected and that they know what you just looked at, and say they will send a video to all your email contacts, because they recorded what you were watching.
“If this type of scam email makes it through the spam filters into your inbox, do not click on any links and do not reply. Delete the message (or click on the phishing alert button). Do not download any software to check your computer for viruses, but follow procedure to report these types of criminal emails. Remember, ‘think before you click’ is more important than ever these days.