Security Warning: Current Wave of Scams Is Blackmailing Internet Users

Cybercriminals are currently trying on a large scale to extort money from unsuspecting Internet users with fake emails. In these messages, the scammers claim that they gained access to users' devices and recorded users while watching pornographic videos. Not only would they have recorded the alleged victim, but also the streaming porn video. If no ransom is paid, the scammers threaten to send the alleged mp4 file to the recipient's contact list. Security experts warn that these fake emails, known as scams, are currently being sent en masse to users. Those affected should by no means fall for the scam and pay money.

"The blackmailers are demanding around 2,000 euros in Bitcoin within 48 hours from the supposed victims," ​​explains Thomas Uhlemann, Security Specialist. “Recipients should never fall for this rip-off. The computer was not hacked and no video was recorded. "

The Current Case - Sex Sells?

Security researchers have already discovered several waves of these emails. Initially, these messages were mainly in English. In recent days, however, Internet users have also come into the focus of fraudsters. In contrast to other forms of scam, a ransom is to be extorted here so that the criminals do not send the alleged recordings of the computer user while watching pornographic videos to friends, work colleagues, and relatives. "If you want me to delete both files and keep them secret, you'll have to send me bitcoin payments. […] You can visit the police, but nobody will help you. […] My software has all of your e-mail contacts and a list of your friends on Facebook [..] ”, so the claims of the cybercriminals in their spam emails.

The Current Scam Relies on Social Engineering

In the current wave of scams, there is a strong emphasis on social engineering. In one version, the perpetrators even use the alleged victim's email address. In doing so, the scammers reinforce the illusion that they have access to the recipient's computer. According to security experts, the basis for the current wave is the address data of Internet users who fell into the hands of cybercriminals through data theft.

What Is a Scam?

A large-scale online fraud scenario is called a scam. The aim of these campaigns is to induce Internet users to act rashly. These are to be made to pay money to fraudsters or to reveal personal data, for example. This scam does not rely on attacking the technical infrastructure but on targeted psychological manipulation of the user ("social engineering"). The scam is often spread via email or social media. Another well-known form of this type of fraud is the “Nigeria Scam”, in which the senders claim to have access to data for accounts of former rulers or deceased business people and to have to transfer the money on them abroad as quickly as possible. For this, the criminals are dependent on the help of the mail recipient.

Tips Against Blackmail Scam

·         Check e-mails critically: If the text is riddled with errors or the structure seems strange, the e-mail should be deleted immediately. Under no circumstances should any links be clicked.
·         Never Reply: Users should never reply to these emails. In doing so, they signal to the criminals that the address is being actively used.
·         Do not open attachments: Attachments in these emails should never be opened. In the worst case, these files contain malicious code that gets onto the computer and still gives the criminals access.
·         Do not pay a ransom: Under no circumstances should those affected accept the demands and pay the requested ransom. Payments made should, if still possible, be canceled immediately.
·         Install security software: A powerful security solution like total security is a staple for PCs, Macs, and mobile devices. This should offer comprehensive protection against malware with helpful functions such as spam and phishing protection as well as password managers.
·         Check e-mail address: Users can check on the website of the Hasso Plattner Institute whether their own address and access data have fallen into the hands of criminals in the event of data theft. If there were any incidents, the password should be changed immediately. Activating 2-factor authentication is even better. In addition to the password, there is another factor such as a one-time code.
·         Securing evidence: If users have fallen into the trap or if there are still doubts, the email should be saved as evidence and the police should be contacted immediately. It is difficult to prosecute the perpetrators because they operate from abroad, but the case should be reported.