**5.03.2019 update** Following on from our original post, one of our readers got in touch to share a recent story of a Sextortion attack. Find the recent email that they received from a scammer here.
What is Sextortion?
Summed up well by the FBI, “Sextortion is a serious crime that occurs when someone threatens to distribute your private and sensitive material if you don’t provide them images of a sexual nature, sexual favours, or money.”
In the past few months, sextortion email targeting has become more precise. Usually, these scams are part of a large-scale spam campaign and don’t make it into your inbox. However, cybercriminals have managed to create more sophisticated emails and bypass email gateways. Their emails originate from high-reputation senders and organizations like Microsoft Office 365 or Gmail.
How does it happen?
Victims are receiving emails threatening to send out sexual information or images unless a ransom in bitcoin is paid. According to research undertaken by UK cybercrime investigation firm Digital Shadows, cybercriminals have managed to extort around $332,000 in Bitcoin from a recent email-based blackmail scam. The funds were sent out to over 3,100 unique Bitcoin addresses.
Unfortunately, IT teams are often not aware of these emails because employees pay the ransom or they are too embarrassed to report the email.
Further research by Digital Shadows involved the analysis of over 792,000 emails. These are thought to have been sent from 5 different countries. The countries sending the most emails were Vietnam, Brazil, and India. Other studies show that these countries account for 8.5%, 5.3%, and 4.7% of the world’s total number of sextortion attempts respectively.
What does it look like?
Unfortunately, a “sextortion” scam is fairly easy to set up. Cybercriminals send out an email to a victim stating they have acquired an explicit video of them, often claiming to have done so via the user’s own webcam. The paranoia that this creates occasionally leads the target to send out the funds the scammers have demanded. Research shows these scams often target C-level executives, likely because they have the funds to pay off the scammers and a greater reputation that they need to maintain.
The independent report states that sextortion scammers are turning to social media sites to reach high net worth individuals. Affiliates have been offered up to $1.1 million to help target these wealthy individuals. Often this scam involves forming an online fictitious relationship with a married person, then threatening to reveal it to their spouse if a ransom is not paid. Other variations target vulnerable or lonely people, forming relationships online and then extorting them out of money, claiming to have been in an accident and needing care.
Ways to prevent your organization from sextortion scams
Finding a good spear phishing protection solution will help to protect you from cybercriminal blackmail and sextortion attacks. Account takeover protection will make sure that scammers are not using your organization’s own accounts as a base from which to launch these attacks. Many sextortion emails are sent from compromised accounts, so always keep your password safe. Account takeover protection will recognize when an account has been compromised and block access to it.
Another way you can protect your company from sextortion fraud is proactive investigation. Regularly search delivered mail for messages referencing password changes or any of the other red flags discussed above. A lot of sextortion emails come from outside North America or Western Europe, so check where your mail is coming from. If you see any with a suspicious origin, report it and block the sender from future contact.
Educate users about sextortion fraud. If you manage a diverse user base, make training on it mandatory. Make sure that employees can recognize the red flags and feel comfortable reporting them.
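The proactive search over delivered mail described above can be scripted. The following is an added example (not code from the original post or from any vendor it mentions): it parses a raw RFC 822 message and scores it against the red flags the post lists, namely a leaked-password lure, a webcam-recording claim, a Bitcoin ransom demand with a deadline, a threat to expose the victim to their contacts, and the presence of a Bitcoin address. The sample message and the address in it are constructed for the demo; the patterns are heuristics for triage, not a verdict.

```python
"""Heuristic triage of delivered mail for sextortion red flags (added example)."""
import re
from email import message_from_string
from email.message import Message

# Bitcoin addresses: legacy base58 (prefix 1 or 3) or bech32 (prefix bc1).
BTC_ADDR = re.compile(r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[a-z0-9]{25,59})\b")

# Phrases typical of the "webcam video + leaked password + pay in Bitcoin" template.
RED_FLAG_PATTERNS = {
    "webcam_claim": re.compile(r"\b(webcam|web cam|camera)\b", re.I),
    "password_lure": re.compile(r"\b(your password|password is|password was)\b", re.I),
    "bitcoin_demand": re.compile(r"\bbitcoin\b|\bbtc\b", re.I),
    "deadline": re.compile(r"\b\d+\s*(hours|days)\b", re.I),
    "threat_to_expose": re.compile(
        r"\b(send|share|release)\b.{0,40}\b(contacts|friends|family|colleagues)\b", re.I | re.S),
}


def _body_text(msg: Message) -> str:
    """Concatenate the decoded text/plain parts of a message for keyword matching."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def score_message(raw: str) -> dict:
    """Return the red flags found, any Bitcoin addresses and a simple count as the score."""
    msg = message_from_string(raw)
    text = _body_text(msg)
    flags = [name for name, pat in RED_FLAG_PATTERNS.items() if pat.search(text)]
    btc = sorted(set(BTC_ADDR.findall(text)))
    if btc:
        flags.append("btc_address")
    return {"from": msg.get("From", ""), "flags": flags, "btc_addresses": btc, "score": len(flags)}


# Constructed sample modelled on the template the post describes; the address is not real.
SAMPLE = """From: "Mail Delivery" <user@example.org>
To: ceo@example.com
Subject: I know your password
Content-Type: text/plain; charset=utf-8

Your password is hunter2. I installed malware and recorded you through your webcam.
Pay 0.5 BTC to 1DemoAddrNotReaL2345678923456789 within 48 hours
or I will send the video to all your contacts.
"""

if __name__ == "__main__":
    print(score_message(SAMPLE))
```

Messages with a score of three or more are worth pulling for analyst review; the extracted addresses can also be matched against earlier reports to link campaigns.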
Sextortion scams look set to continue. As long as you stay vigilant and report potential threats rather than sending funds to unknown fraudsters, you can stay safe from sextortion scams.