TaylorWorks Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password most likely comes from lists circulating on the dark web, taken from online businesses and services that have been hacked over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us.

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.
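
Because every variant follows the same pattern, a mail filter can score a message on the cues quoted above. The sketch below is an added example, not part of the original post: the indicator names, the regexes and the threshold of 4 are assumptions, and it only recognises legacy (Base58Check) Bitcoin addresses, which it checksum-validates to cut false positives.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy addresses only
PATTERNS = {  # wording cues taken from the email quoted above (assumed regexes)
    "webcam_claim": re.compile(r"\bwebcam\b", re.I),
    "bitcoin_demand": re.compile(r"\b(bitcoin|btc)\b", re.I),
    "deadline": re.compile(r"\b\d+\s*(hours?|days?)\b", re.I),
    "contacts_threat": re.compile(r"\b(your contacts|relatives|coworkers)\b", re.I),
    "tracking_claim": re.compile(r"\bpixel\b", re.I),
}
THRESHOLD = 4  # assumed cut-off; tune it against your own mail flow

def valid_base58check(addr):
    """True if addr decodes to 25 bytes ending in a correct double-SHA256 checksum."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    try:
        raw = n.to_bytes(25, "big")  # version byte + 20-byte hash + 4-byte checksum
    except OverflowError:
        return False
    digest = hashlib.sha256(hashlib.sha256(raw[:21]).digest()).digest()
    return digest[:4] == raw[21:]

def indicators(body):
    """Return the sorted names of every scam cue found in the message body."""
    hits = [name for name, rx in PATTERNS.items() if rx.search(body)]
    if any(valid_base58check(a) for a in ADDR_RE.findall(body)):
        hits.append("valid_wallet")
    return sorted(hits)

def is_sextortion(body):
    return len(indicators(body)) >= THRESHOLD

# Constructed samples. The wallet is the publicly known Bitcoin genesis-block
# address, used only because its checksum is valid; it is not from any scam.
SCAM = """I recorded your webcam. $1400 is a fair price for our little secret.
Make the payment via Bitcoin to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
You have 24 hours (I have a unique pixel in this email). Otherwise I will
send your video to all of your contacts."""
BENIGN = "Reminder: the webcam order ships in 3 days. Pay the invoice by card."

if __name__ == "__main__":
    print(indicators(SCAM), is_sextortion(SCAM))
    print(indicators(BENIGN), is_sextortion(BENIGN))
```

A score like this is best used to quarantine or banner a message for the recipient rather than to silently drop it, since the wording changes between campaigns.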

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lens covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at 407-478-6600.
