We are all familiar with ransomware and its increasingly dangerous cousin, wiper malware. The first encrypts your files and demands ransom payments in exchange for the decryption key. The second, now being mixed with ransomware proper, is more destructive. As its name implies, it wipes files, deletes them permanently.
Sometimes it may be used as a threat to increase the pressure on the victim to pay. At other times it masquerades as ransomware, but even if you pay, you will not get your files back.
These represent serious threats, best handled with awareness and a rigorous program of regular, secure backup. But there are other kinds of extortion, and these are more easily handled. Recognize them for the scams they are and simply delete them.
We have written about various instances of these over the years, but now BleepingComputer has compiled a rundown of the more common varieties of scareware. Remember as you look at each one of these that there’s nothing to them. They work only on people whose jittery nerves or uneasy consciences lead them to panic, and then pay. Some of these phishing emails carried ransomware or information stealers as a kind of secondary payload, but the primary threat was all so much hot air:
- “Hackers have video of you on adult web sites!” You are supposed to think someone has hacked your web cam and observed you doing whatever you might have been doing. Rest assured, they have not. A lot of people were taken in. Hoods running this sextortion scam last year were able to rake in more than $50,000 in a single week.
- “A hitman has been hired to kill you!” Sometimes, however, that is a hitman with a heart. He will spare you if you send him a payment. There is no hitman.
- “Bomb threat!” A bomb has been placed in your building and it will explode unless you cough up $20,000 or so. Again, it is unlikely in the extreme that there is a bomb, but if you are worried anyway, call the police.
- “CIA Investigation!” So this CIA technical collection officer says you are the subject of an investigation into child pornography. If, however, you pay the merciful technical collection officer $10,000, he will delete your information from the case files. A good story, no? But alas, the CIA is not in fact on to you. Nor does the CIA investigate child pornography. The Company is an intelligence service, not a law enforcement agency.
- “You will be infected with WannaCry, DDoSed, and doxed to the IRS!” The emailer says they have found “hidden documents” that they will report to the US Federal tax authorities, but they can tide the whole thing over if you cross their palm with two Bitcoin.
- “Sex tape!” So, OK, the emailer says that you and he or she exchanged intimacy a long time ago. Maybe you forgot? Anyway, they secretly taped the two of you in the act, and they also stole your contact lists and passwords when you stepped out to use the toilet. Still don’t remember? Are you sure? Well, please pay $1500 or they will share the video with everyone in your contact list. Let us grade this one “highly unlikely,” but high marks for the whole bathroom thing.
- “We will ruin your site’s reputation!” This one is usually a criminal-to-business play. The scammers threaten to spam people with your domain name, post bad reviews of your business, and use your name to post nasty wisecracks on other websites’ contact forms.
- “Hey! It’s us, the US State Police!” The State Police (never mind which of the fifty US state police departments; it’s the State Police, for heaven’s sake, and you do not ask Smokey for ID) have found that you are a child pornographer, but they are willing to look the other way in exchange for $2000. Payable, of course, in Bitcoin.
You might find all of these laughable, but people fall for them. Teach your employees not to be spooked, and not to fool around with any links or attachments the emails might carry. The threatening subject line is direct extortion, but it can also serve as phishbait for a different attack. New-school security awareness training will help any organization rest easy, knowing that CIA hitmen did not in fact date all of your people back in college, and so on.