Two Million Extortion Emails Blocked Every Day

Uploaded on 2022-07-20 in NEWS-Cybersecurity News, FREE TO VIEW

The cyber security & compliance experts at Proofpoint say they block one million extortion e-mails every single day, increasing to two million on higher volume times. This figure sometimes has gone over two million on high volume days. Most of the emails claim to have webcam video of the victim engaging in inappropriate sexual activity.

The attacker then threatens to distribute the alleged footage to email contacts unless a ransom is paid.

These typically appear with some variation of a sextortion theme, in which the attacker claims to have a webcam video clip of the sufferer looking at porn and threatens to distribute it to all their email contacts, unless a ransom is paid in crypto currency, usually Bitcoin. Due to the nature of the claims made in the emails, victims are either lured or scared into giving away sensitive information or making a ransom payment.

This sort of threat is not new, but Proofpoint has highlighted how widespread and common they have become.

Easy-to-use DIY phishing kits readily available on the Dark Web make the job even easier for cyber criminals and victim information such as passwords obtained from the Dark Web are sometimes included in the extortion  email to add legitimacy to the threat actor’s claim that they have successfully hacked the machine. However, these passwords are usually obtained from data breaches.

Since  2016, the UK’s National Crime Agency (NCA) has been aware of thousands of victims were falling to sextortion scams in Britain every year.

Crypto currency payments are a key part of these threats, enabling the attacker to remain anonymous and in some cases, crypto currency wallets themselves are targeted in credential phishing attacks. Threat actors typically spoof big names in the industry, such as the crypto currency exchanges Celo and Binance and wallet vendor Trusted. Indeed, phishing for NFT and wallet credentials use similar techniques, say Proofpoint.

Thousands of victims fall victim to sextortion scams around the world each year and Proofpoint makes it clear that the threat remains high.

Proofpoint Proofpoint:    National Crime AgencyNational Crime Agency:   Oodaloop:   

Infosecurity Magazine:   Alltech:    

You Might Also Read: 

Future Phishing Attacks Will Use Generative Machine Learning:
 

« A New Era of Ransomware
Companies Going To War On Social Media »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Copper Horse Solutions

Copper Horse Solutions

Copper Horse specialises in mobile and IoT security, engineering solutions throughout the product lifecycle from requirements to product security investigations.

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Steganos

Steganos

Steganos offers highly secure and easy to use software tools that protect and secure on and offline data.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

DarkLight

DarkLight

DarkLight is a cybersecurity platform that mimics human thinking at scale to build resiliency to Advanced Persistent Threats.

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

KanREN

KanREN

KanREN is a member based consortium offering custom, world-class network services and support for researchers, educators, and public service institutions in the state of Kansas.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

BARR Advisory

BARR Advisory

At BARR Advisory, we build trust through cyber resilience. We help protect the world’s data, people, and information networks through a human-first approach to cybersecurity and compliance.

AI Safety Institute (AISI)

AI Safety Institute (AISI)

The AI Safety Institute’s mission is to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.

Incode

Incode

Incode is the leading provider of world-class identity solutions that is reinventing the way humans authenticate and verify their identities online.

Cyber Guru

Cyber Guru

Cyber Guru is an effective cybersecurity awareness training platform, enabling organisations to increase their resistance to cyber-attacks by changing employee behaviour.

Sandfly Security

Sandfly Security

Sandfly focuses on Linux security that is high performance, high stability, high compatibility, and low risk.