crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

A new email scam is making its rounds and it has a lot of people concerned with just how much a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

This Scam is a Dirty Trick
This is going to be a taboo subject for many, but it’s a real scam that is quickly getting passed around to users and to some, the risk is so high they might be willing to fall for it. Essentially, an email comes in stating that a hacker got access to your passwords (likely pulled from a list on the dark web from any one of the dozens of web services and businesses that have been hacked over the years). They show off the password to you as proof, right in the email, and mention they have incriminating webcam footage of you, and they’ll share it to your contacts if you don’t pay up.

How It Works
The target of this scam will open their email to find a message that opens by identifying an actual password of the targeted user. The rest of the email reads as one would expect an email of this nature to:

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The email then provides an address for the recipient to send their Bitcoin to, with the recommendation to copy-paste the case-sensitive alphanumeric sequence. The email ends with a warning:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This is not the only version of the email that is out there, but they all follow the same thread and end with the same threat - pay up, or everyone will see what you do behind closed doors.

Is This For Real?
For many people, this is a fair question - and fortunately for many, no, the threats are not legitimate. First of all, the passwords that these attacks are citing are often 10 years old, which means that the criminals likely got their information from an outdated database from some hack from a decade ago.

However, that doesn’t mean that this threat hasn’t been comfortably effective. As of July 19th, a mere 42 Bitcoin addresses had net over $50,000 from 30 victims. While these returns certainly aren’t breaking any records, they are enough to encourage more cybercriminals to leverage similar attacks.

How to Protect Yourself from the Real Deal
Even if this particular threat is little more than an underhanded bluff, that doesn’t mean a legitimate password scam isn’t still well within the realm of possibility. Therefore, the security lessons that can be learned from this particular trend are still extremely applicable.

First and foremost, passwords are like the underwear this probably automated scam claims to have seen its users potentially without - they need to be changed regularly. The fact that 30 people were willing to pay a combined $50,000 tells us two things: they had something they wanted to hide, and they hadn’t changed their passwords in years. Changing your passwords on a regular basis, without repeating them, means that you are safe if one of your past passwords is hacked. After all, the old key to a door won’t work anymore of you’ve changed the lock.

Secondly, and more personally, make sure your webcam is covered up while you aren’t actively using it.

For more best practices, including ones to help preserve your security, keep reading our blog. Reach out to us at (918) 770-8738 to ask about the solutions we can provide to keep messages like these out of your business in the first place.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 18 December 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Managed Service Provider Business Management Cloud Internet Business Computing Best Practices Microsoft Saving Money Productivity Workplace Tips Hosted Solutions IT Services Hackers Backup Malware Email Business Software Data Mobile Devices Hardware IT Support Small Business Network Communication Server Smartphones Upgrade VoIP Computer Business Continuity Mobile Device Management Innovation Google Windows Efficiency Data Backup Disaster Recovery Virtualization Microsoft Office Outsourced IT Tech Term Miscellaneous Mobile Office Vendor Management Social Media Holiday Network Security Gadgets Productivity BYOD User Tips Quick Tips Passwords Android Smartphone Mobile Computing Browser WiFi Bring Your Own Device Windows 10 Internet of Things Data Recovery Managed IT services Remote Monitoring Ransomware Spam Best Practice Users The Internet of Things Operating System Apple Remote Computing Artificial Intelligence Alert Data Management Collaboration Save Money Trending Wireless Technology Content Filtering Going Green History Gmail Firewall Office Customer Relationship Management Unified Threat Management Encryption Router Antivirus Printer Tech Support Current Events Information Technology Cloud Computing Managed IT Maintenance Big Data App Analytics IT Solutions Lithium-ion Battery Facebook IT Support IT Consultant Managed IT Services Phishing Bandwidth Document Management Humor Mobile Device Paperless Office Saving Time Wi-Fi Avoiding Downtime Employer-Employee Relationship Website Customer Service Hard Drives Applications Two-factor Authentication Windows 8 Office Tips Retail IT service Digital Payment Project Management Chrome Cybersecurity VPN Business Growth Risk Management Apps Application Virus Hacking Computers Fax Server Phone System Outlook Healthcare Health Government Compliance Marketing Automation Excel Regulations Point of Sale Blockchain Scam Recovery Managed Service Inbound Marketing Mouse Money BDR Files Net Neutrality Running Cable Social Licensing Wireless File Sharing PowerPoint Social Networking Unified Communications Training Tablet Windows 10 Help Desk Office 365 Data Security iPhone User Error Password Co-Managed IT Downtime Infrastructure Administration Augmented Reality Presentation Budget Vulnerability Information Computer Repair Proactive IT User Programming Data loss HIPAA Company Culture Analyitcs Twitter Education Redundancy Specifications Safety Settings Flexibility Hosted Solution IBM Machine Learning Cost Management Data storage Cybercrime communications Save Time IT Management Internet Exlporer Storage Wearable Technology Remote Monitoring and Management Conferencing Mobility Smart Technology Robot Hiring/Firing Mobile Security Alerts Printing Display IoT End of Support LiFi Computing Statistics Tip of the week Intranet Competition Business Intelligence Network Congestion Recycling eWaste Search Virtual Desktop USB Piracy Remote Workers Business Owner Sports Hacker YouTube Management RMM Virtual Private Network Telephony Technology Laws Typing Nanotechnology Instant Messaging Scheduling Comparison IP Address Google Drive How To Enterprise Resource Planning Tech Terms How To Permissions Touchscreen IT Technicians Monitoring Unified Threat Management Refrigeration Cryptocurrency Disaster MSP Screen Reader Finance Identity Theft Black Friday Google Docs Mobile Theft Assessment Fraud Mirgation Consulting Access Control Bitcoin Digital Signature Proactive Memory Smart Tech Authentication Cyber Monday Laptop Managing Stress Financial Managed Services Provider Private Cloud SharePoint Hacks Documents Connectivity Authorization Halloween Electronic Medical Records Business Technology Entrepreneur Enterprise Content Management Network Management Migration E-Commerce Macro PC Care Public Cloud Downloads Undo WPA3 PDF Value People Employees Distributed Denial of Service 5G Scary Stories Networking Vulnerabilities eBay Hotspot Remote Support Chatbots Features Leadership Sync Multi-Factor Security Fleet Tracking Skype Streaming Media Star Wars Zero-Day Threat New Additions Software Tips Managed IT Service Monitors Virtual Reality Deep Learning Print Server Geography Gaming Console Text Messaging Language Work Station Identity Electronic Health Records Mobile Device Managment Google Calendar Domains Google Wallet Asset Tracking LinkedIn Utility Computing Backup and Disaster Recovery Congratulations Break Fix Fun Writing SaaS Techology Word Law Firm IT High-Speed Internet Video Surveillance Server Management Computing Infrastructure Cyberattacks Legislation Public Speaking Drones Windows 8.1 Update OneNote Best Available Buisness Human Error Dark Web Cortana Social Engineering Chromebook Disaster Resistance Identities Development Cooperation Employee-Employer Relationship Motherboard Read Only G Suite Backups Environment CIO Hard Drive Permission Adminstration Data Warehousing Knowledge Staff IT Consulting Solid State Drive Bluetooth Cables 3D Patch Management Samsung Modem Bookmarks Travel Software as a Service Legal Online Currency Troubleshooting Debate Cache Test Microsoft Excel Experience Operations Politics Data Breach Heating/Cooling Alt Codes Wires Computer Accessories Crowdfunding Cookies Favorites Meetings Technology Tips Consumers

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code