Beazley Breach Response Services highlights ‘sextortion’ email threat to businesses
A new form of online bribery by cyber criminals who attempt to extort crypto-currency by claiming to have potentially embarrassing evidence of people using adult websites on work computers is adding to the tide of cyber-related incidents hitting businesses.
So-called ‘sextortion’ involves an email from someone claiming to have accessed the recipient’s work computer. The sender says they have tracked the addresses of pornographic websites the recipient has viewed and to have simultaneously recorded footage of their activity while watching these sites using their webcam.
They threaten to humiliate the recipient by sending all of their email contacts details of their online activity if their demands are not met. The emails often contain a link or zip file they claim directs the recipient to evidence of the internet usage or webcam activity or to a website to pay the crypto-currency ransom. If clicked on, the link may in fact spread malware that can steal information and GandCrab, a common ransomware used by hackers to lock-up the computer until the ransom is paid.
There is no sign yet that the targets of sextortion are anything other than hoaxes targeting random individuals, and it often turns out that no data has been compromised. However, a small number of emails sent out to thousands of recipients may indeed hit home. If these individuals did engage in inappropriate behaviour on their work computer, they could be vulnerable to extortion.
In the fourth quarter of 2018, Beazley Breach Response (BBR) Services was notified of these cases by several commercial clients involving demands for crypto-currency worth hundreds or thousands of dollars.
This comes as cyber-attacks on business email accounts continue to rise sharply. In 2018, the total number of email compromises handled by BBR Services increased by 133%, and the upward trajectory continues.
To increase the authenticity of the demand, in some cases, the email will include an old or current password linked to the recipient’s email address. Such information is often obtained via the dark web where user credentials that have been compromised in earlier data breaches are dumped and sold by cyber criminals.
Katherine Keefe, head of BBR Services at Beazley, said: “As with all types of cyber-attacks employers need to treat seriously email compromise in its many forms. The sources of these emails should be scrutinized and organizations need to ensure employees are aware of practical measures to protect their data, such as via phishing training, and of ways to reduce the instances of email compromises escalating into a more serious cyber incident for organizations.”
Compromises can be expensive and costly in terms of an organization’s reputation, however they are also preventable. See here for advice on how to deal with an email compromise and to read the latest BBR Insight.