In sextortion, also known as a "porn scam", crooks send you an email claiming to have a video of you watching porn, which they say they acquired by implanting malware on your computer.
We suspect that you have not only heard about it, but have also received these hideous and scary emails yourself – scary because, whether the crooks really have a video or not, the emails come with an aggressive extortion demand for money…
…or the video goes to your whole family and friends.
The amount demanded varies, but is usually around $2,000 and is payable via Bitcoin to a cryptocoin wallet specified in the email.
The idea is that when you pay, the crooks stop tracking you, delete the video, and move on to another victim.
The thing is, there is no video – if there were, wouldn't the crooks send you a clip or a still image of it as evidence?
The criminals simply hope that some of the victims who receive their emails will pay out of fear, and at least some people do.
A SophosLabs report released earlier this year found that porn scammers weren't making the millions of dollars that some ransomware gangs seem to get away with. Still, sextortion fraudsters have pulled in as much as $100,000 a month by simply telling people to pay.
So you are probably not particularly surprised to hear that the sextortion crooks are now turning their hands to what we call "breachstortion".
Instead of claiming to have infected your computer and got away with videos captured from your own webcam, crooks claim to have hacked your website and got away with your data.
As you probably know, ransomware crooks no longer just encrypt your data and require you to pay to get it back.
They are now raising the stakes by first stealing your data and only then unleashing their ransomware to encrypt everything.
This way, the crooks can hit you up for two reasons: pay to buy the decryption key, and pay to stop them telling the world that they hacked you.
The "breachstortion" crooks copy this breach-based approach, except that they didn't hack your network or your computer at all – it's all a pack of lies:
Subject: Your website has been hacked
Please forward this email to someone in your company who can make important decisions!
We hacked your website (URL REDACTED) and extracted your databases.
How did it happen?
Our team found a vulnerability on your website that we were able to exploit. After we identified the vulnerability, we were able to retrieve your database credentials, extract your entire database, and move the information to an offshore server.
What does that mean?
We will systematically go through a number of steps to completely damage your reputation. First, your database will be leaked or sold to the highest bidder, who will use it for their own intentions. If emails are found, their owners will be informed by email that their information has been sold or leaked and that your site (URL REDACTED) has made a mistake, damaging your reputation and leaving you with disgruntled customers / employees. Finally, all of the links that you have indexed in the search engines will be indexed based on blackhat techniques that we have used in the past to index our goals.
SophosLabs has received some emails of this kind, some just today and others a month or two ago.
In all cases, the crooks give you five days to pay by sending cryptocurrency to a Bitcoin wallet specified in the email.
The amounts we've seen vary between $1,500 and $2,000 (for what it's worth, the last sample we saw had the lowest price).
The message does not contain email or website contact information. The crooks tell you not to bother replying to the email at all, and there is no website where you can track your payment and see if they have received the money.
Ironically, the crooks emphasize, "Please note that Bitcoin is anonymous and no one will find out that you have followed it."
This is presumably meant to put your mind at rest by persuading you that the act of paying will not itself alert anyone to your "breach", although it means that you rely entirely on the crooks to keep track of which payments "protected" which website's data.
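The traits described above (a claimed website hack and database theft, a five-day deadline, a Bitcoin wallet, a demand of $1,500 to $2,000, and an instruction not to reply) can be turned into a simple mail-triage score. This is an added example, not SophosLabs code; the weights, the threshold, the function name `triage` and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Traits come from the description above; weights and threshold are assumptions.
INDICATORS = {
    "breach_claim": (2, r"(?i)hacked your website|website has been hacked"
                        r"|extracted your (?:entire )?databases?"),
    "reputation_threat": (1, r"(?i)leaked or sold|damag\w* your reputation"),
    "deadline": (1, r"(?i)\b(?:five|5) days\b"),
    "bitcoin": (1, r"(?i)\bbitcoin\b|\bBTC\b"),
    # Shape check only (Base58 or bech32 alphabet), not a checksum validation.
    "wallet": (2, r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[02-9ac-hj-np-z]{11,71})\b"),
    "amount": (1, r"\$\s?(?:1,[5-9]\d{2}|2,000)\b"),   # $1,500 to $2,000
    "no_reply": (1, r"(?i)(?:do not|don't) (?:bother )?reply"),
}

def triage(raw_email, threshold=5):
    """Score one RFC 5322 message against the breachstortion traits."""
    msg = message_from_string(raw_email)
    chunks = [msg.get("Subject", "")]
    for part in msg.walk():                      # also handles multipart mail
        if part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    text = "\n".join(chunks)
    hits = [name for name, (_, pat) in INDICATORS.items() if re.search(pat, text)]
    score = sum(INDICATORS[name][0] for name in hits)
    return {"score": score, "hits": hits, "flag": score >= threshold}

# Constructed sample in the style of the quoted email; the wallet is a placeholder.
SCAM_SAMPLE = """Subject: Your website has been hacked

We hacked your website and extracted your databases.
Your database will be leaked or sold to the highest bidder.
You have five days to send $1,500 in Bitcoin to
1ConstructedSampXeAddressXXXXXXXX
Do not bother replying to this email.
"""

# Constructed benign message that shares two traits but stays under the threshold.
BENIGN_SAMPLE = """Subject: Invoice 4471

Payment of $1,800 is due within five days of receipt.
"""

if __name__ == "__main__":
    print(triage(SCAM_SAMPLE))
    print(triage(BENIGN_SAMPLE))
```

A flag only says that a message matches the bluff template; whether a breach actually happened is still a question for your own logs.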
What should I do?
When ransomware crooks enter your network, you usually have no doubt what just happened. In fact, the ransom note is usually saved to a file directly on your desktop, often with a dramatic change in the background image to draw your attention to the attack.
In this case, there is none of that – not least because there was no malware, no hack, and no attack other than the blackmail email.
As with the porn scam, the crooks have no data, so paying is pointless.
Of course, the claims the crooks make are technically feasible in both sextortion and breachstortion cases: webcams are sometimes really hijacked by malware; and data breaches actually occur when crooks sneak in due to an unpatched security bug.
This raises the tricky question: "But what if it's true and the crooks really have this video of me / all the data from my network?"
Even if you are inclined to believe the bluff in such cases, or to spend $2,000 on the grounds that it is better to be safe than sorry, we still urge you not to pay.
First, if those crooks really got your files, how do you know someone else didn't get them too (after all, we often write about crooks hacked by other crooks), or how can you tell that the crooks haven't resold them already?
Second, what if they come back next week, next month, or even next year when the stakes are even higher?