(707) 268-8850    Get SUPPORT

Network Management Services Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists found on the dark web from online businesses and services that have been hacked and stolen over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us. 

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they say/threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lense covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at (707) 268-8850.

The Best Way to Approach Data Backup
Tip of the Week: Cloud Software for File Sharing
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, October 16 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Cloud Best Practices Network Security Business Computing Privacy Managed IT Services Hackers Malware Data Backup Innovation Backup Hosted Solutions VoIP Mobile Devices Google Email Outsourced IT Tech Term Data Recovery Data IT Support Software Cloud Computing Saving Money Internet Internet of Things Microsoft IT Services Business Continuity Efficiency Communications Hardware BDR Cybercrime Cybersecurity Ransomware Smartphones Business Communication Small Business User Tips Server Disaster Recovery Android Artificial Intelligence Avoiding Downtime Gadgets Save Money Browser How To Managed IT Network Computers Alert Managed IT Services Smartphone Windows Phishing Firewall Productivity Applications Miscellaneous Workplace Tips Business Intelligence Mobility Social Media Money Mobile Device Management Business Management Data Security Data Protection Windows 10 Collaboration Two-factor Authentication Computer Passwords Vulnerability Router Law Enforcement BYOD Social Engineering Chrome Facebook Identity Theft Remote Monitoring Blockchain Budget Word Productivity Virtualization Operating System Flexibility Office 365 Bandwidth Telephone Systems Upgrade Proactive IT Connectivity IT Support Spam VPN Redundancy Managed Service Provider Document Management Compliance Private Cloud Apps Quick Tips Smart Tech Virtual Assistant Employer-Employee Relationship IT Plan Settings Public Cloud Update Microsoft Office Data Breach Office Tips Data storage Credit Cards Content Filtering Unsupported Software Mobile Device Analysis Big Data Data Storage Website Servers App Infrastructure Mobile Computing Value Solid State Drive Networking Holiday Hacking Spam Blocking Password Sports Bring Your Own Device Information Windows 10 File Sharing Business Owner Automation Unified Threat Management Physical Security Information Technology Managed Service Data loss Work/Life Balance CES Wi-Fi Government Comparison OneNote IT Management Encryption Google Drive Content Management Paperless Office Training Workers Windows 7 Access Control Save Time Gmail Cache Safety Computing Infrastructure Outlook Specifications IBM Humor CrashOverride Tools Theft Marketing Streaming Media Hacker Current Events Files Camera Trending Strategy The Internet of Things Computer Care NIST Audit Telephony Apple Cast HaaS Students Reputation Internet Exlporer Regulations Evernote Authentication Scam Recycling Wireless Internet webinar Frequently Asked Questions Millennials Insurance Telephone System Downtime Google Apps Content Filter Knowledge Lifestyle HIPAA Samsung Hybrid Cloud Cryptocurrency Computer Fan Skype Hard Drives iPhone Entertainment Human Resources Healthcare Charger Emails Customer End of Support Wireless Charging Nanotechnology Root Cause Analysis Botnet eWaste Wire Conferencing Monitor History Excel Workforce USB Fraud Practices Storage Electronic Medical Records Network Congestion Software Tips Accountants Safe Mode FENG Start Menu MSP Google Docs Staff Electronic Health Records Internet exploMicrosoft HVAC Flash PDF Black Market Fiber-Optic Meetings Travel Data Management Criminal Tip of the week Telecommuting Amazon Hosted Computing Password Manager IT Consultant Cortana Keyboard Office Mobile Supercomputer Remote Worker Data Warehousing Voice over Internet Protocol Digital Signature Machine Learning Advertising Enterprise Content Management Windows 10s Cables Devices Smart Office User Error Windows Server 2008 Remote Work Hosted Solution Amazon Web Services Inventory Emergency Business Mangement Addiction Leadership Colocation HBO IoT SaaS Relocation Business Technology Professional Services Thought Leadership Hiring/Firing Health Wiring Multi-Factor Security Legal Risk Management YouTube Augmented Reality Cleaning Netflix Password Management Sync Education Unified Communications Screen Mirroring Software as a Service Wireless Technology Recovery Online Shopping Patch Management Computer Accessories Scalability Music Fun Two Factor Authentication Best Practice Politics Company Culture Remote Monitoring and Maintenance Audiobook Vendor Management Shadow IT Competition Bluetooth Administration Wearable Technology Customer Relationship Management Assessment IP Address Printers Managing Stress Virtual Reality Line of Business WiFi Users Transportation Automobile Customer Service Books Television Search Regulation Mobile Office Worker Commute Domains Webinar Benefits Wireless Worker Instant Messaging Troubleshooting Public Computer Twitter Video Games Loyalty Smart Technology Public Speaking IT solutions Battery Techology Presentation Rootkit How to Lithium-ion battery Employer Employee Relationship Remote Computing Experience Proactive Content 5G Tech Support