Sextortion is an attempt to extort money or get victims to do something against their will by threatening to release embarrassing, personal images or video of the victim. The compromising images may come from the victim's webcam, which is hijacked by malware, or they may be fake imagery, as in sextortion scams.
Sextortion attacks often originate by email and are becoming a new form of ransomware. In a recent attack discovered by Barracuda Networks, the attacker used stolen personal data and passwords to gain access to the victim's email and personal contacts. The attacker sends an email to the victim flaunting the stolen password to get their attention. They then claim to have installed malware on the victim's computer that can be used to send the sexually explicit images to all their contacts unless the victim pays a ransom.
A sextortion email often begins with a subject line like "your password is…" followed by one of your passwords that the attacker has gained from a data breach. The email will then claim to have the ability to remotely control your computer or distribute sexually explicit or personal images to your friends and contacts. Finally, the email will demand some type of action such as making a payment (often in Bitcoin) or clicking on a link.
Common characteristics of sextortion emails:
- Misspelled or poorly written text
- Evidence of a threat such as revealing a secret password, some data about one of your accounts or the name of a friend or associate
- A claim to have installed malware such as a Remote Access Trojan (RAT) that can take control over your computer or email account
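The characteristics above can be combined into a simple mail-triage heuristic. The following is an added example, not Barracuda's detection logic; the signal names, regexes, the 3-signal threshold and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Body signals drawn from the characteristics listed above. The regexes and the
# 3-signal threshold are assumptions for this example, not a vendor rule set.
BODY_SIGNALS = {
    "malware_claim": r"\b(malware|trojan|keylogger|spyware|remote (access|control))\b",
    "exposure_threat": r"\b(send|share|release|forward|publish)\b.{0,80}\b(contacts|friends|family|colleagues)\b",
    "payment_demand": r"\b(bitcoin|btc|crypto ?wallet)\b",
}
SECRET_IN_SUBJECT = re.compile(r"password\s*(?:is|:)\s*(\S+)", re.I)
THRESHOLD = 3

def body_text(msg):
    """Concatenate the text/plain parts of a parsed message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join(
        p.get_payload(decode=True).decode(p.get_content_charset() or "utf-8", "replace")
        for p in parts if p.get_content_type() == "text/plain")

def triage(raw):
    """Return the matched signals and a verdict for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    subject, body = msg.get("Subject", ""), body_text(msg)
    hits = {name for name, rx in BODY_SIGNALS.items() if re.search(rx, body, re.I | re.S)}
    if re.search(r"\bpassword\b", subject, re.I):
        hits.add("password_in_subject")
    m = SECRET_IN_SUBJECT.search(subject)
    # A subject-line secret repeated in the body is the "proof" lure described above.
    if m and len(m.group(1)) >= 4 and m.group(1) in body:
        hits.add("secret_echoed_in_body")
    return {"signals": sorted(hits), "suspicious": len(hits) >= THRESHOLD}

# Constructed sample messages (not real mail).
SCAM = """From: unknown@example.net
Subject: your password is hunter2

I know hunter2 is your password. I installed malware on your device and it
recorded you through the webcam. Pay $900 in Bitcoin within 48 hours or I
will send the video to all your contacts.
"""
BENIGN = """From: it@example.com
Subject: Your password expires in 5 days

Please change it from the account settings page before it expires.
"""

if __name__ == "__main__":
    print(triage(SCAM), triage(BENIGN), sep="\n")
```

A single signal, such as the word "password" in a legitimate expiry notice, stays below the threshold; only the combination of lure, claim, threat and payment demand is flagged.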
Here is an example of a recent sextortion email:
Do not pay the ransom! Most sextortion attacks are scams in which the attacker cannot carry out their threat. Attackers are counting on you to act out of fear. Instead, immediately change the password of your email account and any other accounts that you think may have been compromised.
Next, you should take the following basic measures to stay protected:
- Do not pay the demanded ransom.
- Periodically check if your email addresses have been involved in a data breach using a site such as haveibeenpwned.com.
- Create complex passwords that are different for each of your accounts to make it more difficult for hackers to guess your passwords based on your email address. A password manager can make this easier to manage.
- Make sure all your emails and data are backed up. An email protection solution like Barracuda Essentials can automate this.
- Turn off your webcam or install a camera cover on your computer to ensure the camera is not enabled without your knowledge and permission.
- Stay informed by checking sites like Barracuda Threat Spotlight and Barracuda Security Insight.
Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers gateway defense, API-based impersonation and phishing protection, incident response, data protection, compliance and user awareness training. Some of its capabilities can prevent sextortion attacks:
Barracuda Impersonation Protection is an API-based inbox defense solution that protects against business email compromise, account takeover, spear phishing, and other cyber fraud. It combines artificial intelligence and deep integration with Microsoft Office 365 into a comprehensive cloud-based solution.
Its unique API-based architecture lets the AI engine study historical email and learn users’ unique communication patterns. It blocks phishing attacks that harvest credentials and lead to account takeover, and it provides remediation in real time.
Barracuda Security Awareness Training is an email security awareness and phishing simulation solution designed to protect your organization against targeted phishing attacks. Security Awareness Training trains employees to understand the latest social-engineering phishing techniques, recognize subtle phishing clues, and prevent email fraud, data loss, and brand damage. Security Awareness Training transforms employees from a potential email security risk to a powerful line of defense against damaging phishing attacks.
Barracuda Incident Response automates incident response and provides remediation options to address issues faster and more efficiently. Admins can send alerts to impacted users and quarantine malicious email directly from their inboxes with a couple of clicks. Discovery and threat insights provided by the Incident Response platform help to identify anomalies in delivered email, providing more proactive ways to detect email threats.