Heads up – Cyber Extortion Threats

There’s a new aggressive form of email attacks that you need to warn your coworkers ,employees, friends and family about. The cyber criminals have beta tested and refined it in Australia, and now the first incidents have been trickling into the States.

Cyber thugs are taking advantage of the vulnerability of intellectual property, threatening to release potentially embarrassing and detrimental information to the public and encrypting data to render it useless to the its owners, among other sinister practices.

The sophisticated attackers are targeting potential victims in an email sequence that starts with pornography and adult dating links, which are then followed up with extortion attempts.

Unlike the risks associated with more traditional cybertheft, such as the loss of customer account data, the risks and costs related to extortion can be indirect and difficult to assess. The conventional thief looks for information, such as credit card numbers, that can be easily converted to money. This data has a direct market value — at least on the black market.

The cyber extortionist, however, takes advantage of information that is valuable to its rightful owner by rendering the data unusable and holding it for ransom or threatening to release it publicly.

According to IT security company Forcepoint, the latest scam threatens to steal users’ privacy, emails that say, “look at this”, then “we know what you just looked at” and demand $300+ payment in Bitcoin.

The email claims that a virus was installed on a porn website which recorded the victim through their webcam. “Then my software collected all your contacts from messengers, e-mails and social networks,” it says. “If I don’t receive my Bitcoins I’ll send video with you to all your contacts.”

Although these are similar to webcam blackmail – where a cyber attacker inconspicuously records record a video of the computer user, often with clothes off, threatening to publish the video public unless ransom is paid – they are fake in most cases.

Carl Leonard, principal security analyst at Forcepoint, said cyber-extortion was a prevalent tactic today. While it largely takes the form of ransomware, he said data exposure threats were growing in popularity.

Company Email Addresses Specifically Targeted

Leonard said company email addresses were specifically targeted, which would have added additional pressure to potential victims “since it implies that a recipient’s work PC was infected and may therefore taint one’s professional image”. “It is important for users to verify claims from the internet before acting on them,” he said. “Most online attacks today require a user’s mistake before actually becoming a threat. This is something that can be mitigated by addressing the weakness of the human point.” We concur.

But Leonard said the scale of this campaign suggested the scammers were bluffing about having compromising information. “If the actors did indeed possess personal details of the recipients, it seems likely they would have included elements [such as name, address or date of birth] in more targeted threat emails in order to increase their credibility.

How to protect from Cyber Extortion Attacks?

Protective encryption of data can safeguard against it being exposed by cyber-criminals. However, this does not protect against further unauthorized encryption that can and will render the data inaccessible. Frequent and prompt backup of generated data can protect the data from tampering, such as covert encryption, but does not keep attackers from releasing data taken from stolen originals.

Protecting against these types of attacks relies on utilizing a defense-in-depth strategy.

Perform regular vulnerability scans on all your outward-facing networks and make it part of your company’s security policy.
Utilize intrusion prevention systems at application layer such as firewalls to provide protection against web-based attacks.
Run network penetration tests that will help you identify network vulnerabilities before criminals do.

Feel free to disseminate among your staff, coworkers and friends. Be safe out there.

Penn Asian Senior Services

13:23 25 Jul 19

Penn Asian Senior Services (PASSi) has worked with Kontech on numerous occasions, and what we've consistently observed is service that combines top-notch knowledge with care & attention to detail. We are a nonprofit that provides services throughout the Greater Philadelphia area from our home base in East Oak Lane -- as may be the case with many nonprofits of a similar size, we come across a wide variety of IT needs within the office, many of which we try to handle in-house. However, there are times where we really do need the guidance/assistance of professional IT consulting. And, whenever we have this need, Kontech is our go-to solution -- we highly recommend the company, which we find to be trustworthy with fairly-priced services. - PASSi

Anita Rodriguez Morrison

18:05 02 May 19

Greetings from Michigan! Our company contacted KonTech IT Services to take care of a UPS battery install for our customer with an office in Philadelphia. KonTech did an awesome job with the installation and documentation. WE will definitely use them again when business takes us back to PA!

Keith Dewey

19:04 12 Feb 19

Working in a demanding field like the hospitality business we are in constant need of upgrades and installations to better our IT systems. Kontech IT services is a solid company that helps us with all our IT needs in a timely and professional manner. Their techs are very knowledgeable and great at making recommendations for your systems as well. I recommend Kontech anyday!!

Haley Klinghoffer

11:34 17 Aug 18

Very responsive and reliable! They have been able to solve all of our technological nightmares. Highly recommend!!

Sambath Phea

01:32 19 May 18

Highly recommend Kontech IT Services for your electrical needs. We had them install a video door bell with 3 indoor monitors and 3 surveillance cameras. Till this day, any questions or troubleshooting we need help with, Kontech IT Services are just a phone call or an email away.

Technolo Sales

19:34 01 Mar 18

We use Kontech IT Services for all our cabling needs in the Philly area. We love the quality of work and their range of expertise. We would highly recommend these guys.

Adam Schran

16:56 21 Feb 18

Konrad visited us and was able to solve a tricky network cabling issue that others were not able to fix. Plus, he explained why it happened and what else we could do to optimize our network equipment and cabling. Friendly, super intelligent guy we would welcome back to our premises any time for additional work as needed. Highly recommended.

brian seyller

12:53 29 Sep 17

Kontech has gone above and beyond to help me with our customers. I would highly recommend using them!

The growing cyber extortion and cyber blackmail trends

Heads up – Cyber Extortion Threats

How to protect from Cyber Extortion Attacks?

Leave a Reply Cancel reply