Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 4 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Extortion phishing! Wide Ranging Email Attacks Landing In Aussie Inboxes.

by The Gurus
December 4, 2018
in Scam Of The Week
Share on FacebookShare on Twitter

A very-large extortion phishing scam began hitting inboxes early Wednesday AEST. There are several variations of the email scam, each attempting to blackmail their target.

The theme is the same – telling victims that sensitive, often deeply personal and embarrassing, information has been obtained, and threatening to publish the content unless a ransom payment is made in bitcoin.

Three variations of the scam are described below:

1) Stolen passwords

The first variation involves extortion emails informing recipients that their passwords have been hacked. Cybercriminals place the targets password within the email body or in the subject of the email

It is likely that the scammers obtained the credentials from a password list that included the recipient’s email address. These lists are often from a compromised service that the original hackers have displayed or sold on the dark web. In most cases, the credentials are outdated, however those that are clinging on to old passwords, could still be fooled. Recipients should change passwords immediately if still in use.

Another tactic in this scam is the reference to a CISCO router vulnerability. Well-known and publicized security holes or exploits are often mentioned in these attacks to boost the credibility of the scam.

Forging of the recipient’s email address to send the email, is another way scammers lend authenticity, by highlighting it within the body of the email as per the below:

“I understand that it is hard to believe, but here is my evidence:
– I sent you this email from your account.”

2) Embarrassing video footage

A different variation of the extortion phishing scam tells victims that the attackers have installed special software on their devices to record them when they are viewing adult content, as in Screenshot 2 attached above.

This attack preys on a fear of humiliation and embarrassment.

3) Personal browsing history

A third variation takes a similar approach, informing recipients that a trojan virus has been installed on their system, that has been monitoring the users’ activity for an extended period of time.

All variations of these extortion phishing email scams are attempting to blackmail recipients. Scammers inform victims that unless a ransom payment to a bitcoin wallet is received, the (supposedly hacked) confidential data or compromising footage will be published.

Scammers are attempting to blackmail me! Now what?

It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you.

To be safe, MailGuard suggests using unique passwords for every site you visit, and setting up 2 factor authentication where available.

[tpr-boilerplate company=’null’]

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Global Survey Reveals Coming Shift In Cyber Security Priorities.

Next Post

Ping Identity Announces Additions To Leadership Team.

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information