LinkedIn Used As The Vehicle For A Global Scam

In a world where everyone is so dependent on social media, apps and the Internet as a whole, it’s no surprise to see cyber-crime hitting new heights. Cyber criminals keep coming up with novel ways to target vulnerable users but this new report by a security research firm comes as a real revelation. Cyber criminals are looking at “targets” who are vulnerable to ‘sextortion’. 

According a report by security research firm Digital Shadows, “The extortionist provides the user with a known password as “proof” of compromise, then claims to have video footage of the victim watching adult content online, and finally urges them to pay a ransom to a specified Bitcoin (BTC) address.”

The report further highlights that the people who are targeted are relative high net-worth individuals (HNIs) and include doctors and lawyers whose LinkedIn profiles are scoured by cyber criminals. Cyber criminals are actually, according to the report, training extortionists and even sell something called blackmail guides for as much as $10. 

Digital Shadows gives an example of a ‘sextortion’ tactic and how it works. Criminals start by creating a profile and then embark on an online relationship with a married man and then threatens to reveal details of the affair with his partner unless a ransom is paid. 

What’s more interesting is that cyber-crime groups are “promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors with extortion scams.” 

The salaries, based on certain conditions, can go as high as $1,080,000 per year.

So far, according to Digital Shadows’ tracking campaign, a sample of 'sextortion' cases were found from July 2018 to February 2019. About 89,000 unique recipients faced some 792,000 extortion attempts against them. 

The Digital Shadows report further reveals that “an analysis of Bitcoin wallets associated with these scams found that 'sextortionists' could be reaping an average of $540 per victim.” On an average, victims have paid Rs 39,000 to these 'sextortionists'. 

Times Of India

You Might Also Read:

Reputational Damage & The Human Factor In Social Media:

 

 

« US Cyber Command Can Cut Russian Troll Access
What's The Difference Between AI And Machine Learning? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Veeam

Veeam

Veeam is the leader in intelligent data management for the Hyper-Available Enterprise.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Cyber Security Agency of Singapore (CSA)

Cyber Security Agency of Singapore (CSA)

The CSA is the national agency overseeing cybersecurity strategy, operation, education, outreach, and ecosystem development.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

White Hawk Software

White Hawk Software

White Hawk provides code tamper-proofing solutions to protect mission critical software applications from malicious and Zero day attacks and reverse engineering at run time.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

HolistiCyber

HolistiCyber

HolistiCyber provide state-of-the art consulting, services, and solutions to help proactively and holistically defend against a new era of constantly evolving cyber threats.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Halborn

Halborn

Elite blockchain cybersecurity. Award-winning ethical blockchain hackers to secure your stack end-to-end. Far beyond smart contracts.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

BugProve

BugProve

BugProve offers a firmware analysis tool that speeds up security testing processes and supports compliance needs by automating repetitive tasks and detecting 0-day vulnerabilities.