Cyber criminals take advantage of every novelty, including Valencia’s DANA, to try to steal from users; but that doesn’t mean they forget their old tricks. Even more so if, despite the passing of the years, they continue to work. And this is exactly what happens with the now classic ‘sextortion‘ emails. The ones where criminals try to blackmail users by threatening to post an intimate video if they don’t bend over backwards and pay a high ransom. ABC had access to one such email that currently reaches users in Spanish. And right from the start the criminals behind it try to worry Internet users who find it in their inbox. “You received this email because I have full access to your inbox and all your devices,” emphasize the criminals, who make repeated spelling mistakes throughout the entire message, one of the most obvious signs that the user is. deal with a cyber scam. The cybercriminals then point out that weeks ago they managed to infect one of the victim’s devices with malicious code and that thanks to this they gained access to all their contacts, WhatsApp messages, emails or the microphone and camera, computer or mobile phone. Thanks to this, they say, they managed to record the user in intimate situations. “I inform you that I have a video in which he appears masturbating, and on the right side the video he watched while masturbating,” the criminals say. The victim is then threatened to share this content with their entire contact list. Provided, of course, that silence cannot be bought with the payment of a ransom. In the email that this newspaper was able to read, 850 American dollars are requested (around 806 euros at the exchange rate), but the amounts vary. There are other examples of this scam in which more or less high sums are requested. What does not change is the form of payment, which is in cryptocurrency, specifically Bitcoin. The criminals claim that once they receive the ransom, they will delete the user’s video in their possession. Now, this has a maximum of 48 hours to meet demand. Otherwise the recording will reach all contacts. But nothing could be further from the truth. The cyber criminals behind these types of scams have not “hacked” the victims’ devices nor do they have any kind of logging. They simply know the user’s account, which they probably accessed thanks to some data leak. But that’s all. “This type of deception is known as ‘sextortion’ and it is important to understand that these recordings are not real. It is a strategy to cause concern and alarm the victim into making the payment out of fear that action may be taken against them “, underlined a few months ago by the National Institute for Information Security (Incibe) after the detection of a scam campaign of this type. Incibe stresses that if you receive such an email, the only thing you need to do is delete it without further ado: “You should not pay the extortionist or try to communicate with him by replying to the email, as in this way you would confirm that your account is active and could be used for future scams.
What are some common signs that an email may be a phishing attempt related to sextortion scams?
Time.news Interview: Understanding the Rise of Cyber Extortion with Cybersecurity Expert Dr. Elena Torres
Time.news Editor: Good morning, Dr. Torres. Thank you for joining us today to discuss a rather alarming trend in cybercrime—specifically, sextortion scams that have resurfaced recently.
Dr. Elena Torres: Good morning. It’s a pleasure to be here and to shed light on this critical issue.
Editor: To start off, can you explain what sextortion scams typically entail?
Dr. Torres: Absolutely. Sextortion scams involve cybercriminals threatening individuals by claiming to have compromising videos or images of them, often obtained through malicious software. They typically demand a ransom to prevent the release of this alleged material. The scam often plays on the victim’s fear and embarrassment, making them more susceptible to compliance.
Editor: We’ve seen a rise in these scams, particularly in light of certain events, such as the recent DANA weather phenomenon in Valencia. Why do you think cybercriminals are quick to exploit such news?
Dr. Torres: Cybercriminals are opportunists by nature. They monitor news and events that can create a sense of urgency or fear among the public, using these situations to launch their attacks. During emergencies or stressful situations, individuals are more likely to panic, making them easier targets. It’s a calculated move to leverage fear.
Editor: In the recent reports, criminals claim to have accessed personal devices and information. How do they typically gain this kind of access?
Dr. Torres: There are several methods. Commonly, they use phishing emails that appear legitimate, tricking users into clicking on malicious links. Once clicked, malware can be installed on the victim’s device. These emails often contain poor grammar or spelling mistakes, which are telltale signs that something is off, but many users overlook these details under panic or stress.
Editor: The emails threatening to release intimate videos sound particularly harrowing. What strategies can individuals employ to protect themselves against such threats?
Dr. Torres: First and foremost, it’s essential to stay informed about cybersecurity best practices. Regularly updating software, using strong, unique passwords, and enabling two-factor authentication can go a long way in protecting personal information. If someone receives such an email, it’s crucial not to panic. They should verify the legitimacy of the claim and consider reporting it to authorities rather than paying the ransom, which only fuels these criminal activities.
Editor: In your experience, how effective are these scams? Are there many reported victims who actually comply with the demands?
Dr. Torres: Unfortunately, yes. Many victims not only comply but also suffer significant psychological distress after the fact. Some estimates suggest that a considerable percentage of victims may feel too ashamed to report the crime. This perpetuates the cycle of fear and compliance, allowing these criminals to thrive.
Editor: It seems that education and awareness are vital. What resources or support do you recommend for individuals who may find themselves victims of such scams?
Dr. Torres: Organizations like the Cybersecurity and Infrastructure Security Agency (CISA) provide excellent resources for understanding and combating such threats. Additionally, local law enforcement and cybercrime units are often equipped to help victims. It’s crucial for victims to know they are not alone and there are channels available for support and recovery.
Editor: Thank you, Dr. Torres, for sharing these insights. It’s alarming to realize how quickly these scams can evolve, but I believe increased awareness is a key strategy moving forward.
Dr. Torres: Absolutely. The more we talk about it and educate the public, the better equipped everyone will be to protect themselves against these tactics. Thank you for having me.
Editor: Thank you for your time, and we hope our readers take this information seriously to stay safe online.