Two Million Extortion Emails Blocked Every Day

The cyber security & compliance experts at Proofpoint say they block one million extortion e-mails every single day, increasing to two million on higher volume times. This figure sometimes has gone over two million on high volume days. Most of the emails claim to have webcam video of the victim engaging in inappropriate sexual activity.

The attacker then threatens to distribute the alleged footage to email contacts unless a ransom is paid.

These typically appear with some variation of a sextortion theme, in which the attacker claims to have a webcam video clip of the sufferer looking at porn and threatens to distribute it to all their email contacts, unless a ransom is paid in crypto currency, usually Bitcoin. Due to the nature of the claims made in the emails, victims are either lured or scared into giving away sensitive information or making a ransom payment.

This sort of threat is not new, but Proofpoint has highlighted how widespread and common they have become.

Easy-to-use DIY phishing kits readily available on the Dark Web make the job even easier for cyber criminals and victim information such as passwords obtained from the Dark Web are sometimes included in the extortion  email to add legitimacy to the threat actor’s claim that they have successfully hacked the machine. However, these passwords are usually obtained from data breaches.

Since  2016, the UK’s National Crime Agency (NCA) has been aware of thousands of victims were falling to sextortion scams in Britain every year.

Crypto currency payments are a key part of these threats, enabling the attacker to remain anonymous and in some cases, crypto currency wallets themselves are targeted in credential phishing attacks. Threat actors typically spoof big names in the industry, such as the crypto currency exchanges Celo and Binance and wallet vendor Trusted. Indeed, phishing for NFT and wallet credentials use similar techniques, say Proofpoint.

Thousands of victims fall victim to sextortion scams around the world each year and Proofpoint makes it clear that the threat remains high.

Proofpoint Proofpoint:    National Crime AgencyNational Crime Agency:   Oodaloop:   

Infosecurity Magazine:   Alltech:    

You Might Also Read: 

Future Phishing Attacks Will Use Generative Machine Learning:
 

« A New Era of Ransomware
Companies Going To War On Social Media »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

E-Tech

E-Tech

E-Tech has been providing system support and information technology consulting services including Internet and Network Security assessments.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Alan Turing Institute

Alan Turing Institute

Alan Turing Institute is the UK national institute for data science. A major focus is Big Data analysis with applications including cyber security.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

Cyber Academy

Cyber Academy

Cyber Academy is one of the first institutions in the SE Europe region that provides a hands-on program in cyber security, blockchain and AI.

Cyberens

Cyberens

Cyberens provide cybersecurity consulting services in IT sectors relating to defense and space, banking, industrial control systems and IoT.

URS Certification

URS Certification

United Registrar of Systems (URS Certification) is an independent certification body operating in more than 30 countries within the multinational URS Holdings.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

Internet Infrastructure Investigation

Internet Infrastructure Investigation

Internet Infrastructure Investigation offers a bespoke Internet Governance Solution to your brands online infringement problems.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.

Redapt

Redapt

Redapt is an end-to-end technology solutions provider that brings clarity to a dynamic technical environment.