As if you were a Celebrity or Influencer whose mobile phone has been hacked, you receive an email in which they threaten to publish an alleged compromising video. And in order not to do so, they demand a ransom in return. You must pay? No, because it is a scam, part of a Phising campaign to get your money.
Post a compromising video
The INCIBE, National Institute of Cybersecurity, warned a few months ago of a campaign to send fraudulent emails that tried to extort money from victims to pay an amount of money in cryptocurrencies, as a ransom to avoid the leak of an alleged video intimate. A scam that has returned.
In order to achieve their objective and give credibility to their requests, cyber criminals report that one of the victim’s devices has been infected by a Trojan-type malware, allowing it to record everything that happens in front of the device.
If the victim does not pay the amount requested by the cybercriminal within 48 hours, the criminal will proceed to send the compromising video to the victim’s contacts on social networks and email accounts. According to the email, cybercriminals are trying to get the victim to pay the requested ransom in bitcoins to avoid the alleged leak of the video. This supposedly would have been recorded through the camera of a device previously infected by a Trojan.
Infected by a Trojan
To make the cybercriminal’s requests more credible, the cybercriminal falsifies the sender’s address, making it appear that the mail has been sent from the same recipient’s account when in fact it is not. The subject used in the detected emails is “Commercial offer”, although it is not ruled out that there are other emails in circulation with different subjects than the one detected by INCIBE.
The body of the message indicates that the hacker is in possession of a video with sexual content, which he will make public to his contacts and acquaintances if within 48 hours the victim does not make the required payment ($ 750) in bitcoins to a specific electronic wallet . Although other figures such as 1,000 euros are also being seen – it seems to change depending on the email.
If you, a friend, relative, colleague or employee of your company have received an email with these characteristics, ignore it. It is a scam attempt and in reality no computer has been infected with the supposed malware, nor have they obtained your contacts, nor is there any video.
But if you have accessed the blackmail and made the payment, INCIBE advises that you collect “all the evidence you have (screenshots, emails, messages, etc.) and contact the State Security Forces and Bodies (FCSE) to file a complaint ”.