Security researchers are sounding the alarm on the rise of extortion scams, urging users to stay vigilant in the face of these threats. According to Proofpoint, a leading cybersecurity company, they are blocking an average of one million extortion emails per day, with the number spiking to two million on particularly busy days.
These scams typically take the form of sextortion schemes, where the attacker claims to have compromising footage of the victim watching explicit content and threatens to share it with the victim’s entire contact list unless a ransom is paid in cryptocurrency. While these types of threats are not new, the sheer volume of such emails being blocked by Proofpoint highlights the widespread nature of these scams.
In many cases, the emails contain personal information such as passwords, which adds credibility to the attacker’s claims of having access to the victim’s device. However, this information is often obtained from previous data breaches rather than through hacking the victim’s device.
The use of cryptocurrency in these extortion schemes allows the attackers to remain anonymous and evade detection. Proofpoint researchers believe that without the anonymity provided by cryptocurrency, these extortion scams would not be as successful as they are today.
In addition to sextortion scams, cryptocurrency is also being exploited in other types of cybercrime, including traditional business email compromise (BEC) scams. Attackers are also targeting cryptocurrency wallets in credential phishing attacks, often impersonating well-known exchanges and wallet providers to deceive victims.
Phishing kits that are easily accessible on the dark web make it simple for cybercriminals to launch these attacks, further highlighting the need for users to be cautious and proactive in protecting their personal information and assets online.
As cyber threats continue to evolve and become more sophisticated, it is crucial for individuals and organizations to stay informed and take steps to safeguard their digital identities and financial resources. By remaining vigilant and adopting best practices for cybersecurity, users can reduce the risk of falling victim to these malicious schemes.