Cybercriminals understand that for cyber blackmail scams to be successful, they first need to instil fear in their victims, and a new extortion campaign hitting UK internet-users does exactly that.
Cyber fraudsters have been attempting to trick people into handing over money, by using their stolen passwords to make them believe they have hacked into their web cameras and obtained intimate footage of them.
Victims are targeted with an email which claims to have video evidence of them watching adult content online and threatens to send the footage to their friends and family, unless they pay a fine in Bitcoins. But here is the crux that makes the scam so convincing – the attacker tells the victim their own password, which is legitimate, but has been pulled from a site which holds data stolen from breaches.
Attacks like this play on victim’s emotions- afraid, embarrassed or just shocked, they will often hand over their money, in an attempt to stop the ‘footage’ seeing the light of day- thus playing right into the criminal’s hands.
The passwords used by the criminals in this case are often old and have been stolen in previous breaches- but in some cases, if the victim has not changed the breached password, it may still be in use.
To avoid falling victim to a cyber black mail scam like this one, it is recommended internet-users follow the below steps:
· Stay Calm- don’t act rashly. Take your time to understand what the email is saying, and don’t pay the criminals in the heat of the moment.
· Research! Scams like this are often widespread, and circulation is often discussed on social media and in the news. A quick google search will let you know how many others have been targeted, and give you a rundown on the scam!
· Practice good password hygiene. If the password they seem to have is still in use, change it on every account immediately. Regularly change your passwords, and always make sure they are complex.
· Don’t negotiate with the criminals! Never interact with the email, and certainly don’t try and get in touch with them. Trying to contact and/or negotiate with them, will not help.
· Never pay a ransom- it will only make you appear vulnerable. Paying the ransom may make you more of a target for the criminals in the future.
While being on the receiving end of an email like this will certainly cause some embarrassment, it is never recommended to pay the fine. Instead internet-users should follow the above advice which should help protect them from these types of scams in the future.