Sextortion is a form of phishing email that targets people around the world and preys on digital-age fears. At Aquilai we are detecting and stopping both the old and the newer versions of these emails aimed at our existing customers. So what should you do if you receive one?
Our first piece of advice – Don’t panic, and most importantly do not pay any ransom.
Remember, this is a scam that works from old breach dumps: the criminals take an email address and password from a leaked list, email that person and remind them of the old password. Your computer has not been hacked and there is no compromising content. These scams are run by criminal gangs, not individuals.
The general gist of the email is that the sender claims to have compromised your computer and threatens to release embarrassing material, such as images of you captured through your web camera or your pornographic browsing history, to your friends, family and co-workers. They promise to go away if you send them thousands of pounds, usually in Bitcoin. To prove their authenticity, the scammers open the email by showing you a password you once used or still use. Again, this does not mean you have been hacked. The most likely explanation is that the scammers matched a database of email addresses against stolen passwords and sent the scam out to millions of people, hoping that some would be worried enough to pay.
The attacks we see against business staff start with a subject line along the lines of “I know you are a Pedophile”, followed somewhere in the body by a demand for £5,000 in Bitcoin with instructions on how and where to pay.
If you are a business, it also takes a lot of ongoing work from your IT staff to keep these emails out of your staff's inboxes and stop them disrupting work. In addition, the latest wave of these scams is getting harder to detect. They come from legitimate sending domains and pass basic SPF and DKIM authentication, so sender authentication alone will not stop them. To get past keyword lookup lists we also see look-alike Latin-script characters substituted for key letters, so that a machine scan for a word such as "Bitcoin" finds nothing while a human reads it without noticing. They specify GBP for payment, so the UK as a whole is the target of this campaign. Our phishing detection system works with cloud-based email, either Office 365 or G Suite, was shaped by GCHQ, and has unique abilities to detect these types of scams even if we have never seen a particular strain before. Once installed there is no need for additional IT staff hours, as the machine learning keeps your staff safe automatically.
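As an added example (not Aquilai's code and not the detection system described above), the Python below shows why a plain keyword lookup misses these emails once look-alike characters are substituted, and how normalising the text before matching recovers the hit while still requiring a payment indicator before flagging. The confusables map, the sample email and the Bitcoin address in it are constructed for the demonstration; the Cyrillic entries go beyond the Latin-script substitutions mentioned above, on the assumption that the same trick is used with other scripts.

```python
import re
import unicodedata

# Hand-picked look-alike characters, constructed for this example. A real
# filter would load the full Unicode confusables table (UTS #39) instead.
# The Cyrillic rows are an assumption: the post only mentions Latin-script
# substitutions, but the same trick works with any look-alike glyph.
CONFUSABLES = {
    "\u0131": "i",  # Latin dotless i
    "\u0142": "l",  # Latin l with stroke
    "\u0430": "a",  # Cyrillic a
    "\u0435": "e",  # Cyrillic ie
    "\u0456": "i",  # Cyrillic Byelorussian-Ukrainian i
    "\u043e": "o",  # Cyrillic o
    "\u0440": "p",  # Cyrillic er
    "\u0441": "c",  # Cyrillic es
    "\u0443": "y",  # Cyrillic u
    "\u0445": "x",  # Cyrillic ha
}

# Phrases that, together with a payment demand, mark the sextortion template.
KEYWORDS = ("bitcoin", "pedophile", "paedophile", "webcam", "web camera", "porn")

# Legacy (1.../3...) and bech32 (bc1...) Bitcoin address shapes. Addresses are
# case-sensitive, so this runs on the raw text, not the normalised copy.
BTC_ADDRESS = re.compile(
    r"\b(?:bc1[02-9ac-hj-np-z]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"
)
GBP_AMOUNT = re.compile(r"£\s?\d[\d,]*")
ZERO_WIDTH = re.compile(r"[\u200b\u200c\u200d\u2060]")


def normalise(text: str) -> str:
    """Fold look-alike characters, accents, width and case down to plain text."""
    text = "".join(CONFUSABLES.get(ch, ch) for ch in text)
    text = unicodedata.normalize("NFKD", text)  # é -> e + U+0301, fullwidth -> ASCII
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    text = ZERO_WIDTH.sub("", text)  # drop invisible characters used to split words
    return re.sub(r"\s+", " ", text.casefold())


def naive_keyword_hits(text: str):
    """What a lookup list does today: lowercase and search. One swapped glyph defeats it."""
    lowered = text.lower()
    return sorted(kw for kw in KEYWORDS if kw in lowered)


def scan(text: str) -> dict:
    """Keyword match on the normalised text plus payment indicators from the raw text."""
    norm = normalise(text)
    hits = {
        "keywords": sorted(kw for kw in KEYWORDS if kw in norm),
        "btc_addresses": BTC_ADDRESS.findall(text),
        "gbp_amounts": GBP_AMOUNT.findall(norm),
    }
    # Threat language alone is too noisy; require a payment channel or amount as well.
    hits["suspicious"] = bool(
        hits["keywords"] and (hits["btc_addresses"] or hits["gbp_amounts"])
    )
    return hits


# Constructed sample in the style described in the post. The subject and body
# use Cyrillic е/о/і in place of Latin e/o/i; the address is made up, not real.
SAMPLE_EMAIL = (
    "Subject: I know you are a P\u0435d\u043ephil\u0435\n\n"
    "I put malware on your w\u0435bcam. Your password is hunter2.\n"
    "Send \u00a35,000 in B\u0456tc\u043ein to 1AbCdEfGhJkMnPqRsTuVwXyZ23456789ab "
    "within 48 hours or I email everyone you know.\n"
)

if __name__ == "__main__":
    print("naive lookup:", naive_keyword_hits(SAMPLE_EMAIL))  # []
    print("normalised:  ", scan(SAMPLE_EMAIL))
```

The naive lookup returns nothing for the sample because every keyword contains at least one swapped glyph; after normalisation all three keywords, the GBP amount and the address are found. Normalising before matching is the general fix, whichever script the substitutes come from.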
If instead you rely on a legacy secure email gateway, you will find these emails reaching staff inboxes. As a minimum, here are four things you should do to make yourself safer.
Four things to do:
Change your passwords for online and social media sites, starting with the password quoted in the email anywhere you still use it, and do not reuse one password across sites
Do not respond to the email
Do not pay the ransom
Check “Have I Been Pwned” to see whether your email address or password appears in a well-known breach dump
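To make the fourth item concrete, here is an added example (not from Aquilai or Have I Been Pwned) of checking a password against the Pwned Passwords range API the k-anonymity way: only the first five hex characters of the password's SHA-1 hash leave your machine, and the match is done locally against the returned range. The sample range response is constructed so the code runs offline; the `fetch_range` helper shows the live call but is not exercised here.

```python
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"


def pwned_range_query(password: str):
    """Split SHA-1(password) into the 5-char prefix sent to the API and the suffix kept local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range_response(suffix: str, body: str) -> int:
    """Parse the API's 'SUFFIX:COUNT' lines and return the count for our suffix (0 if absent).

    Padded responses include filler lines with a count of 0, so a match with
    count 0 is treated the same as no match by is_pwned().
    """
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        candidate, _, count = line.partition(":")
        if candidate.upper() == suffix.upper():
            return int(count)
    return 0


def fetch_range(prefix: str) -> str:
    """Live lookup of one hash prefix. The Add-Padding header asks the service to
    pad the response so its size does not reveal which prefix was requested.
    Not called in the offline demonstration below."""
    req = urllib.request.Request(
        RANGE_URL + prefix,
        headers={"Add-Padding": "true", "User-Agent": "sextortion-check-example"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def is_pwned(password: str, body: str = None) -> bool:
    """True if the password appears in the breach corpus at least once."""
    prefix, suffix = pwned_range_query(password)
    if body is None:
        body = fetch_range(prefix)
    return count_in_range_response(suffix, body) > 0


# Constructed stand-in for the response to GET /range/5BAA6. The suffixes and
# counts are made up, except that the SHA-1 of "password" really is
# 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8, so the second line matches it.
SAMPLE_RANGE_RESPONSE = """\
003D68EB55068C33ACE09247EE4C639306B:3
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
FFC3B7B6AB0C9B1D1A3B2F2E9D4C1A1B2C3:1
"""

if __name__ == "__main__":
    print("password pwned?", is_pwned("password", SAMPLE_RANGE_RESPONSE))  # True
```

Because the full hash never leaves your machine, this check can be run against the password quoted in a sextortion email without handing it to anyone else; a non-zero count confirms the password came from a public breach dump, which is exactly what the scam relies on.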
Ultimately these scams are an evil practice and cause untold trauma to the victims who are taken in. If you see these emails, always report them as spam/abuse before deleting them.