If it seems like non-ransomware extortion (i.e., “sextortion”) scams have been inundating inboxes lately, cybersecurity firm Sophos confirms that they have, potentially to the tune of tens or even hundreds of millions of messages, including at least five different variations in the past few days. Even knowing there is no validity to the scammers’ claims, the messages are unnerving and a nuisance, to say the least. Even when we have never visited the unsavory sites referenced in the blackmail, messages that include a password we likely once used are more unsettling still. The email addresses targeted by the scam, and the passwords sent to victims as “proof,” are collected from usernames and passwords exposed in old website breaches and widely published on the Internet.

Still, we are left wondering: Where do all these emails come from? Why can’t they be stopped? How many people end up paying? Where does the money go? The researchers at SophosLabs decided to figure it out and follow the money from a massive sextortion spam scheme.

Sophos learned that, for the most part, these huge sextortion spam surges came from innocent users whose computers were infected with spam-sending bots, each of which sends its own burst of spam independently of all the other bots. They cannot be stopped because there is no single service provider or email sender that can be identified and taken down to bring the problem under control.

According to Sophos, the best way you can help stop these porn scammers from sending so much spam is to make sure you are not infected with botnet malware yourself. Likewise, using a password manager, not reusing passwords across accounts, and checking services such as HaveIBeenPwned.com or Google’s Password Checkup can protect people from attackers’ use of old passwords.

Read more about the findings at Naked Security by Sophos.