By Jon Dougherty
(TNS) In the Internet age, hacking has become commonplace, which has also led to new phenomenon: Extorting victims of hacks when the information stolen is compromising.
- Check out “DEEP STATE 2019: A New Generation of Scandalous Manipulation” — download for FREE in Crisis Reports
Five years ago, in 2015, Ashley Madison, the website that encourages users to have affairs, was hacked and users’ information stolen.
Now, the cyberthieves are finding new ways to filch money from the victims: “Sextortion.”
As CNBC reports:
Researchers at email security company Vade Secure found the new scam earlier this year, when they saw a small number of targeted emails with apparent information from Ashley Madison breach victims. The scam emails seemed to be well researched, with not just the users’ email addresses but information like when the victim signed up, their username, and their interests they entered on the site, said Adrien Gendre, chief product officer for Vade Secure.
The threats are a worrying evolution of the sextortion scam because they appear to incorporate real information.
Most of the time sextortion involves fraudsters making fictional, dubious claims about victims via email. A typical scam is where the sender claims the person who has received the email has been caught in some sort of compromising situation via their computer, or that the sender claims to have pictures of an alleged affair the recipient is having.
In such cases, cybercriminals send out thousands of similar-sounding emails in the hopes of persuading even a few people to fall for the scam, in which the cybercriminal then makes an extortion payment request. In a vast majority of such cases, the alleged recordings and affairs are not real.
However, CNBC notes, in the Ashley Madison cases, Gendre noted that the fraudsters are using carefully selected information that appear to be from actual Ashley Madison subscribers. They are then putting that personal information into more precisely written emails to those individuals.
Ransomers are demanding around $1,000 in bitcoin in exchange for keeping the information secret. Because they have grains of truth scattered within the emails, this particular cyber-scam sets itself apart from most others.
“Gendre said he’s particularly concerned because the Ashley Madison breach affected individuals with corporate and government email addresses, which could make them particularly susceptible to paying the bribe,” CNBC reported.
Vade is not able to observe how many people have paid the attackers, Gendre said.”
In July 2015, hackers calling themselves the “Impact Team” downloaded about 60 gigabytes of personal information from the Ashley Madison website, which lists itself as a matchmaking service for committed or married individuals who want to fool around.
- Click here for the Internet’s greatest sports news aggregate – NFL, MLB, NHL, NBA, NCAA, MMA, Boxing, Horseracing, Auto Racing and more at NationalSportsDesk.com
Later, the data was released publicly online.
The hackers said they stole and then released the data to get back at the website’s owner, Avid Life Media, based in Canada, for deceptively using bots posing as real women on the site.
An analysis by Gizmodo later revealed that only around 1% of the registered female accounts on Ashley Madison at the time of the breach belonged to active users.
- We need your help to grow, pure and simple. Share our stories, make sure to tell your friends about this site, and click the red bell in the right corner for push notifications.
GOT SOMETHING TO SAY? COMMENT BELOW