- Get link
- X
- Other Apps
"Pay bitcoins or I'll post videos of you masturbating." With such threats, criminals want to extort Bitcoins via email. They even use the recipient's personal data in the mail. They mostly come from hacks or address databases.
The essentials in brief:
· Unknown senders claim, among other things, to have hacked the recipient's webcam and filmed them doing "sexual acts on themselves".
· The recipient should transfer a certain amount in Bitcoins or the video will be published.
· To increase the pressure, the emails can also contain personal data such as mobile phone number, postal address or bank details.
Words
like: "It's about your safety" or just "Account" or
"Video" are in the subject and is intended to entice the recipient
of the email to open it. The text is about something else: blackmail. The
unknown senders write to recipients who
were apparently randomly selected that
they had hacked their webcam and filmed them watching porn and "sexual
acts on themselves". Only if the recipients transfer a certain amount
in bitcoins could they prevent the films from being passed on to families and
friends or being published.
In our opinion, these emails are usually not to be taken
seriously. As a rule, this is also the view of the police, as numerous
press releases from various departments show. Nevertheless, it is
important to view such e-mails (see "How to react correctly" below).
In another version, the senders claim they infected the
recipient's computer with software that found pornographic files and threaten
to notify friends and family members about it. Sometimes files are
attached to these blackmail messages that should never be opened! Because
they are very likely to damage the device of the e-mail recipient.
Personal data should increase pressure
The phishing radar of the
consumer advice center in North Rhine-Westphalia has been receiving
numerous such emails over and over again for months. In early 2021,
criminals apparently started a new wave. New here: One day after the first
e-mail, a second comes as a "friendly reminder" - usually from a
different sender. In some e-mails, they want to increase the pressure
even further with real passwords or mobile phone
numbers of the recipients. The senders also include the postal
addresses of their recipients in the e-mails. In mid-November
2019, variants appeared for the first time that contain the name,
address, date of birth and even the bank details
of the recipient.
Such methods have been known for some time from other spam
mails, usually come from cracked databases or the purchase of data sets and
have nothing to do with the claims in the e-mails. However, you should
check the withdrawals from your bank account in case you receive an email with
your correct account number.
In another version of blackmail, the recipients appear to be the
senders of the messages. The extortionists explain this in the text by
stating that they installed a virus that enabled access to the e-mail account. That,
too, is usually a fictitious claim . Because
what is displayed as the sender of an e-mail can be easily manipulated. The email header provides
information about the real sender (or at least the server from which the
message was sent) .
Police speak of "arbitrarily selected addressees"
Police experts are not yet aware of any case in which the
allegations are true. The State Criminal Police Office of Rhineland-Palatinate announced in
May 2018: "The threatening emails are mass mailings to any selected
addressees."
Examples
Example of a ransom note in English:
Blackmail with voluntarily created pictures
The situation is different, by the way, when an attempt is made
in relevant video chats to induce bona fide chat partners to engage in sexual
acts in front of the camera and then to blackmail them with these recordings. There
are actually video recordings here that could also be published. The
police have published some information and tips on
this.
How big is the risk of a camera hack?
In fact, it is not entirely unlikely that a camera will take
pictures unnoticed. The software security company Checkmarx has discovered
a security flaw in Android that allowed apps to access the camera unnoticed -
even if users had not given them permission to access the camera. According
to Checkmarx, smartphones from Google and Samsung were affected. There is
no information about other manufacturers. The danger was eliminated with
an update of the camera app in July 2019, it is said. You can read details
on the Checkmarx website (in
English).
The security company Proofpoint has reported
another serious threat : Since September 2019 the "PsiXBot"
Trojan has been able to start audio and video recordings unnoticed as soon as a
porn site is accessed. The video is saved as an AVI file and then sent to
a server.
How can you protect yourself?
1.
Even if it doesn't look good, it's best to mask your webcam when
you're not using it. This also applies to smartphone cameras.2. Be sure to use up-to-date antivirus software and have it completely scan your computer for viruses from time to time.
3. Install updates for your operating system. Only trust updates that are offered by the operating system itself. Offers by e-mail or on third-party websites can be harmful programs!
4. Only install apps from trusted sources. Before installing, check the manufacturer's descriptions, user reviews and ask critically what you want to use the app for and whether any permissions required are really necessary.
Have your access data for online services been stolen in a hacking attack? There are internet sites where you can find out.
Comments
Post a Comment