Sextortion scheme changes cryptocurrencies to cover its tracks

Cofense security researchers have found that cybercriminals have begun to alter fraud attempts by claiming payment in other cryptocurrencies than Bitcoin.

The threat actors behind SEO are usually sending an email telling their potential victims that they have malware installed on their systems and recording that they are looking for adult content online through their webcam. Ransom is usually demanded in Bitcoin with the threat that cybercriminals will send the videos or pictures they have taken to the families and colleagues of a victim if they are not paid.

However, because the email addresses used in these scams are often retrieved as a result of a data breach, cybercriminals sometimes include a user's passwords in their original email for the threats to be more persuasive.

With the growing threat of sextortion fraud, companies have started writing recognition tools to block those emails that search for keywords or Bitcoin addresses in the email text. To get around this, cybercriminals have switched to attaching PDF documents to their threats.

Avoid detection

In the recent wave of sex seizure scams, Cofense found that cybercriminals now use a Litecoin wallet address instead of Bitcoin to avoid detection.

Many secure email gateways (SEGs) now have rules for detecting bitcoin addresses in the body of an email or in an attached PDF file containing ransom demands. Therefore, the authors of these attacks had to change their tactics.

According to Cofense, these new sextortion scams use emails that are written to contain very few searchable word patterns, making them harder to recognize for SEGs.

READ  How to watch France vs USA: live stream today's Rugby World Cup 2019 match from anywhere

Not only have cybercriminals changed their tactics, but they have begun using alternative cryptocurrencies alongside Bitcoin to demand ransom payments from the victims. For the victims, however, only about a dozen crypto currencies on major exchanges are easy to obtain. For these scams to succeed, victims must be able to easily pay the cybercriminals behind them.

Fortunately, it is easy to avoid fraud by sex-screening. Users can ignore these emails because a cybercriminal who actually had access to a person's system would provide much stronger evidence than just showing one of his passwords to a user. At the same time, by checking websites such as haveibeenpwned, users can see if their email address has been leaked, increasing the likelihood that they will become the target of a sexton fraud.

  • Protect your systems from the latest cyber threats with the best antivirus software
Spread the good stuff:
This post contains affiliate links, to find out more information, please read our disclaimer.
The price written on this page is true as the time it is written. It may change at any moment.

Related Posts