08 Feb 2019
Security Alert: Beware of Sextortion Scams
54.7% of worldwide emails are spams as they are irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for advertising, phishing, spreading malware and targeted scams.
The spam cycle is generated by users who publish their emails in documents or on websites on the internet. These emails, are harvested by hackers, and are used to create emails lists which are sold on the Dark Web to spammers who in turn spam users or filter these lists to conduct scams to gain personal information, donate fake charities, carry out threats, extortion and sextortion.
Scams are generally delivered in the form of a spam email, however, not all spam emails contain scams. Scams are designed to trick users into disclosing information that will lead to defrauding or stealing their identity or to obtain financial gains.
A wave of emails scams claim that attackers have: stolen users’ password, hacked their webcams while users were watching films and made a side-by-side film of face reactions when these films were being viewed by users. The mail warns that if payment is not made by users on a bitcoin account, the double-screen film will be released in the Clear Web.
What you need to know:
Usually, hackers don’t actually have any video or access to your webcam. Analysis has proved that hackers were not able to install any malicious codes, such as key loggers or gain control of the victim’s computers.
Over the past few years there has been frequent password leaks and hackers are using those leaked database to surprise and scare their victims.
Up to now, scammers seem to be using old passwords but they will most probably be using up to date databases.
How to Protect Yourself?
To reduce the volume of unsolicited and malicious emails, or SPAMs, BIRGER. proposes a 4-step approach:
- Awareness: Create awareness among users to be able to detect such emails, stop emails validity on email lists and prevent users from being trapped by phishing techniques.
- Filtering: Install a baseline protection anti-spam system, which filters most spams (e.g. email gateways).
- Web forms: When advertising your company on the Internet, use web forms for direct contacts from the net whereby the backend email is easily changeable.
- Different emails: Using different emails such as disguised emails, disposable emails or different emails which may assist to identify spam sources and manage spam pro-actively.
More information:
- https://www.businessinsider.com/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7?IR=T
- https://www.bleepingcomputer.com/news/security/new-sextortion-scam-pretends-to-come-from-your-hacked-email-account/
- https://www.reddit.com/r/Scams/comments/90yiv4/sextortion_scam/
- https://www.independent.co.uk/life-style/gadgets-and-tech/news/email-scam-pornography-sextortion-a8463196.html
- https://www.symantec.com/security-center/publications/monthlythreatreport
For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.
BIRGER.
