Infracore LLC Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists found on the dark web from online businesses and services that have been hacked and stolen over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us. 

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they say/threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lense covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at (858) 509-1970.

The Best Way to Approach Data Backup
Tip of the Week: Cloud Software for File Sharing
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, October 20 2018

Captcha Image

Tag Cloud

Tip of the Week Security Technology Privacy Best Practices Cloud Network Security Business computing Google Malware Hackers Microsoft Software Internet Data Innovation Backup Smartphones Hardware Tech Term Windows 10 Hosted Solutions Browser Email Mobile Devices Computer VoIP Android Business Continuity Business Workplace Tips IT Services Small Business Data Backup Managed IT Services User Tips Alert Cloud Computing Productivity Communications Computers Disaster Recovery Ransomware Outsourced IT Miscellaneous Business Management Smartphone Office Communication Efficiency Artificial Intelligence Law Enforcement Cybercrime Data Recovery Passwords Managed IT Services Social Media Network Router Windows 10 Telephone Systems How To Internet of Things Collaboration Cybersecurity Chrome Password Applications Facebook Virtualization Productivity Windows Money Health Work/Life Balance Social Engineering Server Gadgets App Saving Money Quick Tips Office 365 Upgrade IT Support Data Security Information Word Apps HaaS Two-factor Authentication Office Tips Private Cloud Vulnerability Connectivity IT Support Spam Bring Your Own Device Save Money Google Drive Microsoft Office Holiday Hacking Automation Mobile Device Management Wi-Fi Keyboard Phishing Data Protection Scam Data Breach Content Management Big Data PDF Paperless Office Computer Care Mobile Device Unsupported Software Business Intelligence Remote Monitoring Marketing Managed Service Blockchain Managed IT Managed Service Provider Electronic Medical Records Battery Virtual Assistant Update Samsung Government Identity Theft Infrastructure Windows 7 Training Encryption Bandwidth Settings Entertainment Telephone System USB Value Remote Computing Public Cloud Sports BYOD VPN Data Storage Firewall Networking Flexibility Employer-Employee Relationship OneNote Fraud Redundancy Charger Legal End of Support BDR IT Management Spam Blocking Mobility History Automobile Comparison Avoiding Downtime Patch Management Website CES Cleaning IT Plan Operating System Worker Data Management Amazon Web Services Nanotechnology Hiring/Firing Techology Users Voice over Internet Protocol Downtime Information Technology iPhone Network Congestion Safe Mode Recovery Recycling The Internet of Things Music Advertising Content Wireless Internet Warranty Remote Work Practices webinar HVAC Workers Addiction Windows 10s Windows Server 2008 Politics Rootkit Relocation User Error Wiring Digital Signature Screen Mirroring Transportation Safety Search Online Shopping Smart Tech HBO Employer Employee Relationship Virtual Reality Root Cause Analysis Books Assessment Instant Messaging Machine Learning IT Consultant Monitor eWaste FENG Telephony Wearable Technology Video Games Audiobook Wire Printer Hosted Computing Conferencing Software Tips Enterprise Content Management Cache Unified Threat Management Millennials Cast Benefits How to Evernote Outlook Computer Accessories Worker Commute MSP Multi-Factor Security HIPAA Botnet Television YouTube Leadership Education Criminal Skype Mouse Credit Cards Inventory Emails Black Market Password Management Password Manager Solid State Drive Flash Vendor Management Humor Internet Exlporer Mobile Computing Workforce Wireless Charging Devices Frequently Asked Questions Bluetooth Files File Sharing Trending Human Resources Meetings Travel Emergency Public Computer Save Time Data storage Computing Infrastructure Google Docs Start Menu Troubleshooting Loyalty Scalability Hybrid Cloud Smart Office Access Control Current Events NIST Business Mangement Audit Camera Accountants Smart Technology Cortana Thought Leadership Excel Augmented Reality Staff Wireless Authentication IT solutions Physical Security Tools SaaS Apple Document Management Amazon Two Factor Authentication Knowledge Cryptocurrency Gmail Computer Fan Sync Experience Best Practice Internet exploMicrosoft Telecommuting Google Apps Tip of the week Risk Management Remote Worker Specifications Data loss Servers Congratulations WiFi Company Culture Compliance Administrator Webinar Managing Stress Regulation CrashOverride Printers Twitter Thank You

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

JeffreyKGuertin Tech Term: Modems and Routers Defined
18 October 2018
Thank you so much for defining here the modems and routers to give us better information about this....
Shay Stuart How the Convenience of The Internet of Things Can Come Back to Bite Us
17 October 2018
This is a very important share that delivers facts about the utilization of internet tools in differ...
Isla Tait It Pays to Outsource Your IT
15 October 2018
New IT project that show us a new outcome that has been to prepare this setup that was god to know o...
ClarenceEHaynes 11 Ways to Enhance Android Security
15 October 2018
I really impressed from your working, after reading this 11 ways to enhance android security and dis...
technicalsupport VoIP Delivers Benefits That a Traditional Phone System Can’t
13 October 2018
http://Www.Office.Com/Setup | Microsoft http://Office.Com/Setup :- Office setup suite is an importan...