In January this year, Avast threat researchers blocked over 500,000 attack attempts from cybercriminals claiming to have recorded videos of unsuspecting victims during private moments online. These attacks, known as sextortion scams, attempt to blackmail victims by threatening to make these apparent recordings public unless a payment is made to the scammer. Avast threat labs researchers advise people to stay calm and ignore sextortion emails instead of reacting to them, as they usually are fake claims.
Cybercriminals have been using the increase in video conferencing services during the Covid-19 pandemic to validate their false claims and provoke a reaction from the victim. The fraudsters allege to have taken advantage of critical vulnerabilities in the Zoom application, allowing them to access a user’s device and camera. It is important to note that Avast has not found any actual vulnerabilities in the Zoom application.
The email mentions a “recorded sexual act” and “access to sensitive information” which will lead to “terrible reputation damage” unless a payment in Bitcoin or similar is made. A distinctive feature of this campaign is that the emails appear to have come from the victim. However, only the sender name displayed has been modified and clicking on it reveals the real email address of the sender.
“Sextortion scams are dangerous and unsettling, and can even have tragic consequences resulting in the suicide of affected users. During the Covid-19 pandemic, cybercriminals likely see a strong opportunity for success as people spend more time using video conference applications and in front of their computer overall,” said Marek Beno, malware analyst at Avast. “As scary as such emails may sound, we urge people to stay calm if they receive such a message in their inbox and ignore it, as it is just a dirty trick that cybercriminals use to try to get your money.”
Another common sextortion campaign identified by Avast is an email in which the attackers claim a Trojan was installed on the recipient’s machine, which has recorded their actions with a microphone and webcam, and extracted all data from their devices including chats, social media and contacts. A ransom is demanded and often includes a note about a fake “timer” that started when the email was received in order to set a ransom deadline. This campaign is also fake and uses social engineering to coerce people into paying.
How to recognise sextortion emails
- Sextortion scams are emails that falsely claim the sender owns a recording of their screen and camera, showing the user in intimate moments
- The attackers often emphasise the humiliation and embarrassment of the situation to blackmail the victim into paying them money, often in cryptocurrencies like Bitcoin
- Often, the language used is perfect, however sometimes attackers simply seem to be using Google Translate to localise a message, which can be another indicator for users that the message is not trustworthy
- In some cases, the email looks like it is sent by the victim itself, but the true sender can easily be revealed by clicking on the sender name, which will show the email address the message was sent from
- Attackers may show you old, leaked passwords of yours to make their message more credible. However, leaked passwords are sold on the dark web and attackers can easily use them for their campaigns to cause additional concern
How to protect yourself from sextortion emails
- Stay calm - in reality, the attacker does not actually own any recordings and is using social engineering techniques to scare and shame you to encourage you to pay
- Ignore it - treat the email like you would treat spam emails. Do not respond and don’t pay any money
- Change your password - if the attacker highlights an old password that’s leaked, change it to a unique passphrase or to a long, complex password that uses characters, symbols and numbers
About Avast:
Avast (LSE:AVST), a FTSE 100 company, is a global leader in digital security and privacy products. With over 435 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Visit: www.avast.com.