Two Million Extortion Emails Blocked Every Day

The cyber security & compliance experts at Proofpoint say they block one million extortion e-mails every single day, increasing to two million on higher volume times. This figure sometimes has gone over two million on high volume days. Most of the emails claim to have webcam video of the victim engaging in inappropriate sexual activity.

The attacker then threatens to distribute the alleged footage to email contacts unless a ransom is paid.

These typically appear with some variation of a sextortion theme, in which the attacker claims to have a webcam video clip of the sufferer looking at porn and threatens to distribute it to all their email contacts, unless a ransom is paid in crypto currency, usually Bitcoin. Due to the nature of the claims made in the emails, victims are either lured or scared into giving away sensitive information or making a ransom payment.

This sort of threat is not new, but Proofpoint has highlighted how widespread and common they have become.

Easy-to-use DIY phishing kits readily available on the Dark Web make the job even easier for cyber criminals and victim information such as passwords obtained from the Dark Web are sometimes included in the extortion  email to add legitimacy to the threat actor’s claim that they have successfully hacked the machine. However, these passwords are usually obtained from data breaches.

Since  2016, the UK’s National Crime Agency (NCA) has been aware of thousands of victims were falling to sextortion scams in Britain every year.

Crypto currency payments are a key part of these threats, enabling the attacker to remain anonymous and in some cases, crypto currency wallets themselves are targeted in credential phishing attacks. Threat actors typically spoof big names in the industry, such as the crypto currency exchanges Celo and Binance and wallet vendor Trusted. Indeed, phishing for NFT and wallet credentials use similar techniques, say Proofpoint.

Thousands of victims fall victim to sextortion scams around the world each year and Proofpoint makes it clear that the threat remains high.

Proofpoint Proofpoint:    National Crime AgencyNational Crime Agency:   Oodaloop:   

Infosecurity Magazine:   Alltech:    

You Might Also Read: 

Future Phishing Attacks Will Use Generative Machine Learning:
 

« A New Era of Ransomware
Companies Going To War On Social Media »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

Amnesty Tech

Amnesty Tech

Amnesty Tech's Security Lab leads technical investigations into cyber-attacks against civil society and provides critical support when individuals face such attacks.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

ExactTrak

ExactTrak

ExactTrak provide embedded cyber security solutions for your digital devices – whenever and wherever you need them.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.

Telenor Cyberdefence

Telenor Cyberdefence

Telenor Cyberdefence is a newly established (2024) cloud-born Managed Security Service Provider focused on the Nordic markets.

WillCo Tech

WillCo Tech

WillCo Tech works to enhance national security and force readiness for military and commercial enterprises with a suite of software capabilities surrounding the human element of cybersecurity.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.