More than 200 million e-mail accounts are the target of a new six-month scam, according to information released Monday by cybersecurity company Cofense. The practice is to threaten to expose sexual photos or videos of the victim on the Internet if money is not deposited in return. The addresses were obtained from leak lists available on the Internet and this, according to the company, is the largest e-mail leak used for sextortion to date, with a loss of $ 1.5 million to the victims.
New sextorso scam uses porn sites and videos to earn Bitcoin
Sextorso the practice of forcing the victim to do something threatening to publish sexual content about her Photo: Pond5
Want to buy a cell phone, TV and other discounted products? Meet the Compare dnetc
Cybercriminals use the spray and pray strategy: instead of targeting new victims, they trigger messages to a long list of emails taken from previous scams. With this, hackers ensure that the return percentage, however small, will be profitable since the selected people are likely to respond.
"If your email address is found on a target list used by the botnet, it is very likely that you will receive a sixth email if that has not yet been received," explains Aaron Higbee, Cofense's chief technology officer.
In general, messages of sexual extortion claim to have taken control of the webcam and filmed the user in a compromising situation. Other times, email may threaten to reveal browsing history on adult websites, for example.
The sex-bot botnet that Cofense Labs monitored in the first half of this year has over 200 million compromised accounts. The company was able to analyze more than seven million e-mails with sextape scams. Of those, about 1,200 got victims of the scam, paying off criminals to avoid having data exposed on the Internet. As a result, the tactic has given hackers $ 1.5 million in payments to Bitcoin wallets associated with sextortion campaigns.
While it is not possible to avoid receiving sexual extortion emails, there are actions that can help you not fall into these criminal scams. It is important to ensure that your computer or mobile phone has the latest antivirus, which reduces the chances of hackers accessing the webcam remotely. It is also worth keeping the camera turned off or covered when not in use.
Example email from sextorso Photo: Divulgao / Cofense
It is also recommended to avoid sharing intimate content through emails or messaging applications, especially with strangers or unfamiliar people. According to a survey by Karspersky, 34% of Brazilians have already sent photos of their type to partners or friends, and 28% have filmed or photographed themselves intimately using their mobile phone or tablet. In addition, it is prudent to disable the upload of this type of media to the cloud since, in case of stolen the service user password, the data may be accessed by third parties.
You can check if your email address is in Cofense's cybercriminals database by visiting the company's website: https://cofense/sextortion/
If you have already received emails with this type of threat, the company warns: do not respond, do not pay and click on links in the message. "Email owners included in the database must change the passwords of the accounts associated with that address. And most importantly, if a sextortion email is received, we do not recommend responding to pay the ransom," warns the statement. .