In a recent report, it was revealed that about $1.2 million worth of bitcoin were earned by criminals while using sextortion and bomb threat scams. Report released by Symantec, a cybersecurity company, brought the matter into light by analyzing the aforementioned scams taken place in the last 12 months.
The report suggested a very high increase in scamming activities in the said time. Only in the first 5 months of 2019, the company claimed to block 300 million extortion scam emails. Particularly in the month of February, these scams occurred quite frequently. Out of 289 million scam emails, 85 million i.e 30% of the total emails were blocked by Symantec.
Quite different than other scams, extortion scam emails are usually mailed to people with their old passwords as the subject of the mail. Upon opening these emails, people are tricked that their webcams or device were hacked and the sender possesses a photo or video of the victim engaged in some intimate acts.
Then the sender blackmails the recipient to send some amount in bitcoin or else the picture or video recorded earlier will be sent to the recipient’s contact list. In this way, to avoid embarrassment, victims are compelled to agree with the demands of the blackmailers.
There are several variations of styles adopted by cybercriminals to extort money from the victims. Sometimes the sender claims to possess evidence of recipient viewing a porn website. On other occasions, the sender sounding like a member of law enforcement simply claims to find child pornography on the recipient’ electronic device. This was a typical sextortion scenario used by the blackmailers.
However, there are more extortion scam scenarios used in the emails. Bomb extortion is second to the sextortion in popularity. In bomb extortion emails, the sender shares information regarding a bomb with the recipient and asks money in exchange for detonating the bomb.
The sender puts the entire responsibility of the bomb explosion on the shoulders of the recipient. The victim is then blackmailed that if they don’t send bitcoin demanded, they will be responsible for the people who would die from the explosion. So that’s how pressure is built to force payments from the recipient.
The bomb threat scams via emails were also successful in grabbing the attention of the New York City Police Department (NYPD). NYPD tweeted that these mails had no credibility as no bombs were found. Furthermore, people were advised to stay alert and be vigilant of similar scams used just for obtaining monetary gains.
Please be advised – there is an email being circulated containing a bomb threat asking for bitcoin payment. While this email has been sent to numerous locations, searches have been conducted and NO DEVICES have been found. pic.twitter.com/7omOs13Z7Q
— NYPD NEWS (@NYPDnews) December 13, 2018
The scams used for acquiring bitcoin or even Litecoin in some cases, have been quite successful. Up till now, nothing substantial has been found regarding the identity of bad actors behind these scams. However, Symantec is of the view that there might be at least two groups behind these scams.
The reports unveil that these emails weren’t targeted towards a particular audience. Moreover, it seems that these email scams were part of an automated mass-emailing campaigns. As a large audience is targeted with these emails, protective measures should be adopted by people against these types of scams.
People are urged to use strong email protection technologies provided by Symantec like Email Security Cloud and Symantec Messaging Gateway, for protection against email extortion scams. Besides, people were also prescribed to deploy two-factor authentication wherever possible to increase security of their accounts.
Moreover, it was advised that one should not view email or email attachments sent by some unknown source. If received and even opened by the recipient, scams emails should be reported to the relevant authorities. Apart from that, not replying to these emails was advisable.
Email extortion scams where sextortion and bomb threat scams are lethal weapons of the blackmailer, are not very common means of frauding people for cryptos. But they have alarmed the authorities with their occurrence frequency and rising popularity. To deal with them effectively, email securing tools and awareness among people is of utmost importance.