Almost 300 million extortion scam emails were blocked by Symantec in the first five months of 2019.
To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/email-extortion-scams
An email arrives in your inbox, with one of your old passwords in the Subject line. Your curiosity is piqued, and you
click into the message, only to discover that someone has allegedly hacked your webcam and recorded you engaged in some
intimate acts, and they are now threatening to send this recording to everyone in your contact list. However, if you
send the anonymous blackmailer a few hundred dollars in bitcoins they promise that no one will see the embarrassing
footage.
Most of these sextortion-style scams follow largely the same pattern, with variations in the messages such as using
attachments or obfuscated characters, etc., applied in an attempt by attackers to evade email protection technologies.
For example, some spam filters might work by blocking emails with Bitcoin addresses in the body—hence why attackers may
have then turned to using PDF attachments or obfuscated text to try to bypass the spam filter.
The majority of emails also contain a password or partial phone number previously (or perhaps still) associated with the
email address the email is sent to. This is included to make it appear the attacker has access to private information
about the recipient—when in fact they almost certainly obtained it from one of the many large password dumps of recent
years.
As these email extortion scams are typical cyber crime activity, it is not clear exactly who is behind these attacks,
but Symantec believes that a minimum of two cyber crime groups are engaged in this kind of activity, though there are
potentially also many others. The barriers to entry for criminals are quite low for these scams—they do not necessarily
require a huge degree of technical knowledge, and criminals only need a small percentage of them to be successful to
make a profit.
These scams are still being actively sent, so consumers should be aware of these scams and the steps they can take to
avoid falling victim to them.
Best practices
• Ensure you have strong email protection technologies in place, such as the products provided by Symantec, that
will stop these emails from ever reaching your inbox.
• Do not open emails or attachments, or click on links in emails, that are unsolicited or from unknown sources.
• If you do receive one of these emails, do not panic, do not respond, do not click any links or open any
attachments, and do not send money to the attackers. Mark the email as spam and, if you feel it is necessary, alert
authorities about the email.
• Ensure all your online accounts are protected with strong, unique passwords, and enable two-factor
authentication where possible. If you think your account has been compromised or your password revealed in a password
dump, you should change it immediately.
To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/email-extortion-scams