ESET Records A New Wave Of Multi-lingual E-mail Based (s)extortion scams Scaring Victims Into Payment

Sextortion scams have typically been used as part of large-scale spam campaigns, but now many of these attacks are getting more sophisticated and are bypassing email gateways.

In these scams, the attacker sends out emails claiming to have hacked the intended victim's device and to have recorded the person while watching pornographic content. The email also asserts that the video has captured not only the user's behavior in front of the webcam, but also which videos were played.

"In order to conceal the compromising materials, the attacker asks for a sum of around 0.43-0.45 Bitcoin – US $2000; however, we've already seen other messages asking for other amounts," explains Ondrej Kubovič, ESET Security Awareness Specialist. "The victim is directed to pay within 48 hours of opening the email or the cybercriminal threatens to send the incriminating video to all the contacts he/she has managed to steal from the infected device," adds Kubovič.

In the previous waves detected by ESET, these sextortion scam emails were mostly in English; however, in the last few days, we have seen multiple new localizations focusing on Australia, the United States, the United Kingdom, Germany, France, Spain, the Czech Republic and Russia.

Over the years, sextortion cases have escalated. In 2017, it was reported that nearly one-sixth of the 338 sexual assault cases seen by the Association of Women for Action and Research's (Aware) drop-in centre involved the use of technology.

In December 2018, the Singapore Police Force reported receiving 70 police reports since September from victims who were blackmailed by scammers claiming to have screenshots of them watching porn.

Similar e-mail scams are nothing new and have been appearing for years. What makes the current scam different from its predecessors is the effectiveness of the social engineering involved, mainly thanks to its focus on users who secretly watch pornography on their devices.

The scam is also effective due to the sensitive theme of pornography. Many users secretly visit pages with pornographic content and the idea that their family, acquaintances, colleagues or business partners may learn about their behavior is extremely unpleasant.

"If you find such an email in your mailbox, act slowly, deliberately and avoid rash steps. First of all, do not reply to the scam, do not download its attachments, do not click on embedded links, and certainly do not send money to attackers. If an attacker lists your actual password, I recommend changing it and activating two-factor authentication on that service. Indeed, in many cases, attackers actually test the login information and use the hacked account at least to spread their messages. Also, scan your device with reliable security software that can detect real infections and other issues, such as the misuse of the built-in webcam. This can be done, for example, by simply adding tape over its lens," Kubovič advises users.

ESET is sharing news of this scam as a warning to the public. The scam is an attempt at extortion, and the attackers do not really have any such video of the victim. ESET protects its users from similar threats through its antispam technology.

Telecom Today
www.telecomtoday.in