The “Sextortion” phishing scam makes use of compromised password data, recipient gullibility, and visits to porn websites to separate victims from their money.
The scam message comes from a supposed hacker who claims to have a) hacked your personal computer, b) installed software, and c) recorded you (via your webcam) while you were visiting, shall we say, a website of ill-repute.
This latest scam leverages some very personal recipient context to establish credibility before asking for an extortion payoff in bitcoin. Using a password – no doubt from an older password database leaked from a popular website – the sender establishes that they actually know something about the recipient.
The email begins with “I’m aware that <recipient’s former password> is your password.” A number of KrebsOnSecurity readers have come forward stating they’ve received similar emails. The password cited by the sender turns out to be an actual password of the recipient, but one used many years ago.
But, for some recipients, the content is enough to get them to act and pay the extortion fee.
Users in your organization need to be made aware of scams like this and taught to safely ignore them. Automated scripts leverage online password lookup services to mass email thousands and thousands of email addresses, hoping that a percentage of recipients will pay off.
Because you can’t educate users on each and every scam angle fast enough to keep up with them, consider security awareness training as a way to continually improve the organization’s security stance by making users an effective layer in the security strategy.
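As an added example (not code from the original post), the snippet below is a small mail-filter heuristic that scores an incoming message against the three markers described above: the opener quoting an old password, the webcam/recording claim, and the bitcoin payoff demand. The two sample messages and the bitcoin address in them are constructed placeholders.

```python
import re

# Indicators taken from the scam pattern described above. The password claim is
# the anchor; the webcam claim and bitcoin demand corroborate it.
INDICATORS = {
    "password_claim": re.compile(
        r"\b(?:i[’']?m|i am)\s+aware\s+that\s+(?P<pw>\S+)\s+is\s+your\s+password\b", re.I),
    "webcam_claim": re.compile(r"\b(?:webcam|camera|recorded\s+you|video\s+of\s+you)\b", re.I),
    "bitcoin_demand": re.compile(r"\b(?:bitcoin|btc)\b", re.I),
    # Legacy (1.../3...) and bech32 (bc1...) address shapes, used as a 4th marker.
    "btc_address": re.compile(
        r"\b(?:bc1[ac-hj-np-z02-9]{25,62}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
}

def score_sextortion(body: str) -> dict:
    """Return the matched indicators, the password the sender cited, and a verdict."""
    hits = []
    cited = None
    for name, rx in INDICATORS.items():
        m = rx.search(body)
        if m:
            hits.append(name)
            if name == "password_claim":
                cited = m.group("pw")  # hand this to a forced-reset / breach-check workflow
    # A message that merely mentions passwords (e.g. an IT expiry notice) must not
    # be quarantined, so require the password claim plus at least one other marker.
    if "password_claim" in hits and len(hits) >= 2:
        verdict = "quarantine"
    elif len(hits) >= 2:
        verdict = "flag"
    else:
        verdict = "allow"
    return {"verdict": verdict, "indicators": hits, "cited_password": cited}

# Constructed sample messages; the address is a placeholder, not a real wallet.
SCAM = (
    "I'm aware that hunter2 is your password. I installed software on your computer "
    "and my webcam recorded you visiting adult sites. Send $800 in bitcoin to "
    "1FakeAddrForDemoxxxxxxxxxxxx or the video goes to your contacts."
)
BENIGN = (
    "Reminder from IT: your password expires in 5 days. Use the self-service portal "
    "to reset it. This is an automated notice."
)

if __name__ == "__main__":
    for label, msg in (("scam", SCAM), ("benign", BENIGN)):
        print(label, score_sextortion(msg))
```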
Free Phish Alert Button
When new scams like this hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your employees from potential targets and victims into allies and partners in the fight against cybercrime is to roll out KnowBe4's free Phish Alert Button. Once installed, it allows your users to report phishing emails in a single click and keep the bad guys out.