BACK

Sextortion Bitcoin scam makes unwelcome return

Sextortion Bitcoin scam makes unwelcome returnHeads up: a particularly nasty sextortion Bitcoin scam from at least the middle of 2018 is making the rounds once again. The scam involves making use of old breach dumps, then emailing someone from the list and reminding them of their old password. When something lands in your mailbox with “Hey, …

  • 11 Feb 2019
4 min read
Sextortion Bitcoin scam makes unwelcome return
Heads up: a particularly nasty sextortion Bitcoin scam from at least the middle of 2018 is making the rounds once again. The scam involves making use of old breach dumps, then emailing someone from the list and reminding them of their old password. When something lands in your mailbox with “Hey, remember this?” it’s a surefire way to focus the reader’s attention. Pressure is then applied to start sending over some Bitcoin…or else. What is the threat being made? The generally accepted theory is that the scammer digs up personally identifiable information from old data breaches, including email addresses and passwords, plugs it into some sort of automated script, and then fires out thousands of emails. Those mails reach people from said breach, and they then see talk of somebody “knowing” their login details. That’s then used as leverage to claim the attacker has access to their PC, files, folders, webcams, browsing history—in a nutshell, anything personal and sensitive. The scarier they can make it sound, the better. In fact, one of the more eye-popping claims is that the scammer has video of the user viewing adult websites, and they will share this video with all the user’s contacts unless they pony up and pay a Bitcoin ransom. And in classic ransomware fashion, there’s typically a ticking clock. Giving users a short time limit to deliver the payment is social engineering at its finest. What next? The recipient may well have a panic attack, that’s what. To be suddenly confronted with an ancient (but potentially still active) password is certainly going to give a bit of a shock to the system. It’s at this point the confusion sets in, as they start to wonder what on Earth the attacker has. Did they really see what they claimed to see? Do they actually have video footage? What other potentially embarrassing (or worse) content could they use to extort and blackmail? What do they really have? A large throne of lies, is what. Yes, they have your password from a long time ago. No, they do not have access to your computer. And no, even if you were checking out adult sites, they don’t have video of you doing so. What they might have is access to your email account associated with the breach, if you haven’t changed the password since it took place. They could also potentially start trying to log into other accounts you have with the same password. If this is the case, you should fire up a password manager and get to work changing things. In fact, you should do that if you share passwords across accounts in any case. Okay, back to the scam. What does the email say? It’s a fairly standard template, and hunting for portions of the below mail will throw up any number of hits in Google and other search engines. Click to enlarge The email reads as follows: I am
Source: Malware BytesPublished on 2019-02-11
Blog Details
  • 11 Feb 2019

Newest Articles.

View all
  • 04 Mar 16

    Top 5 Recent Cyber-attacks/hacks and How They Could Relate to your Business.

    Read Article logo
  • 13 Mar 16

    Data leaks, how can they affect Sales and Business Integrity?

    Read Article logo
  • 20 Apr 16

    Common Cyber Security Threats Faced by Businesses and The Impacts

    Read Article logo
  • 11 May 16

    Regular Vulnerability Scans Assessments: Keeping You Safe

    Read Article logo

Get a Quote

Click below and we’ll send you a quote as soon as possible.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Contact Us

Click below and we’ll send you a quote as soon as possible.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Step 1 of 4 - Let’s get started

25%
  • Thanks for your interest in working with us. Please complete the details below and we’ll get back to you as soon as possible.

Buy Cyber Essentials

price-popup-pattern