
TaylorWorks Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they gained access to your passwords, and then ran amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists circulating on the dark web, stolen from online businesses and services that have been hacked over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us.

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.
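
Because every variant follows the same pattern, a mail filter can score messages on the combination of claims rather than on exact wording. The following Python example is added here and is not part of the original post; the indicator names, regular expressions, threshold and sample messages are assumptions constructed for illustration.

```python
import re

I = re.IGNORECASE
# Indicator patterns (assumed for this example), based on the quoted email's wording.
INDICATORS = {
    "payment_demand": [re.compile(r"\$\s?\d[\d,]*"),
                       re.compile(r"\bmake the payment\b", I)],
    "bitcoin": [re.compile(r"\b(bitcoin|btc)\b", I),
                # Legacy Base58 address shape; checks form only, not the checksum.
                re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")],
    "deadline": [re.compile(r"\b\d+\s*(hours?|days?)\b", I)],
    "recording_claim": [re.compile(r"\b(webcam|keylogger|recorded|recording)\b", I)],
    "exposure_threat": [re.compile(
        r"\bsend\b.{0,60}\b(contacts|friends|relatives|coworkers)\b", I | re.S)],
    "tracking_claim": [re.compile(r"\bpixel\b", I)],
}

def matched_indicators(body):
    """Return the names of all indicators found in the message body."""
    return {name for name, pats in INDICATORS.items()
            if any(p.search(body) for p in pats)}

def looks_like_sextortion(body, threshold=4):
    """Flag a message that claims a recording, asks for payment, and hits
    at least `threshold` indicators overall."""
    hits = matched_indicators(body)
    core = "recording_claim" in hits and bool(hits & {"payment_demand", "bitcoin"})
    return core and len(hits) >= threshold

# Constructed samples: SCAM reuses phrases from the email quoted above with a
# placeholder (not real) wallet address; BENIGN is an invented ordinary message.
SCAM = (
    "your web browser acted as a RDP (Remote Desktop) and a keylogger which "
    "provided me access to your display screen and webcam. Well, I believe, "
    "$1400 is a fair price for our little secret. You'll make the payment via "
    f"Bitcoin to the below address: 1{'X' * 30}. You have 24 hours in order to "
    "make the payment. (I have an unique pixel within this email message). "
    "If I don't get the payment, I will send your video to all of your contacts."
)
BENIGN = ("Reminder: your invoice for $1,400 is due in 30 days. "
          "Reply with any questions about the webcam order.")

if __name__ == "__main__":
    for label, msg in (("scam", SCAM), ("benign", BENIGN)):
        print(label, looks_like_sextortion(msg), sorted(matched_indicators(msg)))
```

The benign sample shares three indicators with the scam, which is why the threshold sits above three; a score like this suits a tagging or quarantine rule rather than silent deletion.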

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just a bluff, but a scam like this is more than possible for a criminal who actually means what they threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords without repeating them: if an old database is hacked, as happened here, you won’t have to worry if your password is revealed, because it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lens covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at 407-478-6600.
