sb-as logo
Story image

MailGuard warns against extortion phishing emails

MailGuard has highlighted dangerous email scams following its interception of a large run of extortion phishing emails that demand a ransom payment in bitcoin.

According to MailGuard, there are several versions of the email scam, however the overall theme is the same and all attempt to blackmail their target.

For instance, the email will tell the victims that sensitive, often deeply personal and embarrassing information has been obtained and unless a ransom payment is made in bitcoin the content will be published.

The emails use various display names, subject titles and sender details. Some utilise compromised accounts and others forge the recipients’ email addresses to confuse or trick the target into thinking their account has been hacked, as claimed in the email.

In many cases, the email contains the user's password from compromised accounts, in fact often in the subject line, to demonstrate that the cybercriminals have access to the account.

MailGuard states, “We strongly advise all recipients to delete these emails immediately without responding. Please share this alert with your social media network to help us spread the word around this email scam.”

“It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

"This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you," the company wrote in a statement.

According to MailGuard, in most cases if you receive an email there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of scaring recipients into paying the ransom.

The information in the email is often collected from the internet from previously known data breaches. As such, MailGuard recommends people to not give the perpetrator any money or images, and stop all contact with them.

If a blackmailer is threatening to reveal intimate images online, do not give in to their demands, instead report it to the Office of the eSafety Commissioner.

If the email includes a recognisable password, all accounts that use this password should be changed. Make sure to use a strong password and don’t reuse passwords across different accounts. You can also set up 2-factor authentication where available.

To find out where your email may have been included as part of a data breach you can visit Have I Been Pwned.

Story image
Chinks in the armour: Why the post COVID-19 cloud is easy game for cybercriminals
Now’s the time for CIOs to pause and make sure their digital transformation projects are fit for today, and the future.More
Story image
Google most popular brand to impersonate in phishing campaigns - report
A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, with 65% of this figure using Google as a masquerade.More
Story image
ExtraHop brings SaaS network detection and response solution to market
"Reveal(x) 360 is the culmination of a multi-year R&D investment to secure data centre, remote sites, and cloud workloads with frictionless deployment and actionable insights that can be securely accessed from anywhere.”More
Story image
Months on, many organisations still don't have secure remote access - report
The report analyses the extent to which businesses were prepared for the sudden shift into remote working due to COVID-19 restrictions, and analyses how organisations have adjusted to support remote workers amidst the COVID-19 pandemic. More
Story image
Current security practices 'grossly inadequate' for protecting cloud infrastructures - report
"As cloud stacks become increasingly complex, with new technologies regularly added to the mix, what's needed is a holistic approach with consistent protection across the full cloud stack."More
Story image
DigiCert receives top award from Frost & Sullivan thanks to agile approach
DigiCert has received the 2020 Global Company of the Year Award by Frost & Sullivan, with specific focus on its global transport layer security (TLS) certificate market. More