SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Blockchain
#
Cryptocurrency
MailGuard warns against extortion phishing emails
Mon, 20th Apr 2020
FYI, this story is more than a year old
Author image
By Catherine Knowles, Journalist
Follow us

MailGuard has highlighted dangerous email scams following its interception of a large run of extortion phishing emails that demand a ransom payment in bitcoin.

According to MailGuard, there are several versions of the email scam, however the overall theme is the same and all attempt to blackmail their target.

For instance, the email will tell the victims that sensitive, often deeply personal and embarrassing information has been obtained and unless a ransom payment is made in bitcoin the content will be published.

The emails use various display names, subject titles and sender details. Some utilise compromised accounts and others forge the recipients' email addresses to confuse or trick the target into thinking their account has been hacked, as claimed in the email.

In many cases, the email contains the user's password from compromised accounts, in fact often in the subject line, to demonstrate that the cybercriminals have access to the account.

MailGuard states, “We strongly advise all recipients to delete these emails immediately without responding. Please share this alert with your social media network to help us spread the word around this email scam.

“It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

"This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you," the company wrote in a statement.

According to MailGuard, in most cases if you receive an email there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of scaring recipients into paying the ransom.

The information in the email is often collected from the internet from previously known data breaches. As such, MailGuard recommends people to not give the perpetrator any money or images, and stop all contact with them.

If a blackmailer is threatening to reveal intimate images online, do not give in to their demands, instead report it to the Office of the eSafety Commissioner.

If the email includes a recognisable password, all accounts that use this password should be changed. Make sure to use a strong password and don't reuse passwords across different accounts. You can also set up 2-factor authentication where available.

To find out where your email may have been included as part of a data breach you can visit Have I Been Pwned.

Related stories
Keeper Security launches user-friendly passphrase generator
Understanding the key to boosting cybersecurity habits: Kaspersky study
How attackers target security blind spots: Three real-life lessons from the SOC
Kaspersky illuminates LockBit ransomware group's advanced tactics
First-party data collection prioritised due to privacy laws
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services