Cyber Blackmail and Extortion Schemes

Over a hundred people have recently contacted Action Fraud, the UK’s national cybercrime reporting center, about a particular targeted-extortion campaign that appears to be a growing threat.

The attackers contact their targets through email, claiming that they have video footage of their victim watching what I’ll delicately describe as ‘adult entertainment’ content. Most of the devices that people use to watch that sort of content online are either a smartphone or tablet with front facing cameras, or laptops with webcams. So, a lot of the targets might assume that the basis of the attackers’ extortion attempt is valid.

Combine that with the attackers’ claims of having acquired one of the targets’ passwords through malware exfiltration, then displaying that password in plaintext in the body of the email, and you’ve got a very convincing social engineering strategy.

The attackers then threaten to distribute the personally compromising footage to the targets’ friends, family, and coworkers through Facebook, Facebook Messenger, and email if the victim doesn’t fork over $2900 worth of bitcoin within one day.

Here’s an example of the emails that the targets have received (edited for appropriateness):

I’m aware, XXXXXX is your password. You don’t know me and you’re probably thinking why you are getting this mail, right?

Well, I actually placed a malware on the <adult content> website and guess what, you visited this website to experience fun (you know what I mean). While you were watching video clips, your internet browser started out working as a RDP (Remote Desktop) with a key logger which gave me access to your display screen as well as web camera. Just after that, my software program gathered every one of your contacts from your Messenger, Facebook, and email.

The extortion message goes on to instruct targets how to make payment under threat (Read more…)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Kim Crawley. Read the original post at: