Symantec report an increase in extortion scam emails

Symantec has revealed that they blocked almost 300 million extortion scam emails in the first five months of 2019, with a visible peak in a two-week period in February.

The surge was not associated with one particular scam, although sextortion emails are seen frequently by the company. Other variations include:

• English language: Plaintext, no URL in body
• Bomb threat theme
• Using PNG and JPEG images: Email has a PNG or JPEG attachment, which contains the Bitcoin wallet address
• Using PDF attachment: Coin wallet address present in the PDF
• Use of SegWit Bitcoin address

Interestingly, their analysis suggests that cyber criminals are making just over US$1.2 million in a year through such scams.

As you can see from the example below the e-mail is often personally addressed to you, and sometimes they know one of your passwords as well. This information is usually obtained from password dumps. If you are unsure if your e-mail or password has been compromised you can check it here.

Best practices

• Ensure you have strong email protection technologies in place, they will stop these emails from ever reaching your inbox.
• Do not open emails or attachments, or click on links in emails, that are unsolicited or from unknown sources.
• If you do receive one of these emails, do not panic, do not respond, do not click any links or open any attachments, and do not send money to the attackers. Mark the email as spam and, if you feel it is necessary, alert authorities about the email.
• Ensure all your online accounts are protected with strong, unique passwords, and enable two-factor authentication where possible. If you think your account has been compromised or your password revealed in a password dump, you should change it immediately.