The cyber criminals They are constantly looking for new ways to compromise users’ security, obtain their information or steal money from their bank accounts. In most cases, they resort to phishing and pose as trustworthy companies to get the victim to voluntarily hand over personal information, however, they can also resort to more aggressive tactics.
The company of ESET cybersecurity, reported that a hoax is being spread by email that, at the moment, targets people located in Argentina. These messages make users believe that they are victims of extortion, that their computer has been “infected” with malware, and that there is a compromising video that will be released unless a payment is made. Bitcoin.
According to the report, something that differentiates this campaign is the inclusion of the personal data of the person who sends the extortion message. Victims can see the full name and document number (DNI) of the attacker who, in the subject of the email, writes “You have a pending payment”.
In the message, in addition to explaining how the attacker was able to collect different intimate videos through malware, he requests the payment of money through Bitcoin to a virtual wallet. If they don’t do it within 48 hours, they threaten to spread the video among the victim’s WhatsApp contacts and publish it on the Internet.
However, the attackers did not have access to the computer or collect intimate videos, and the device was also not infected with malware. The deception consists of making people believe that this was possible, but when the payment was made by users who believed the messages, it is too late. Currently two transactions have been recorded by victims of the scam.
According to the cybersecurity company, once the transactions were made, the virtual wallet spent or transferred part of the money, which until now is equivalent to about 663 dollars. In addition, it was confirmed that it was reported by different people who received similar emails asking for payments of up to 950 dollars through Bitcoin.
Leaked data could be the origin of the deception
Attacks using these types of extortion messages could be due to old data breaches in which user data was compromised. That would be the reason why people received emails of this type.
According to the corroboration of some data made by the investigation team of the site ‘HaveIBeenPwned’, a site that allows verifying if an email address or password was exposed in a leak, the address of the person who received the email was exposed in nine security breaches suffered by different services, such as LinkedIn, Bitly, Canva, Taringa and other platforms.
“With the different leaks, and the fact that sensitive information is circulating publicly, it opens up the possibility that malicious actors use it for specially targeted social engineering campaigns,” said Camilo Gutiérrez Amaya, head of the ESET Latin America Research Laboratory.
How to avoid being a victim of cybercriminals
If users are aware that their data has been compromised in some way in an information leak on a website or digital service, the initial recommendation is to change the access credentials to these pages, as well as other sites where they are found. used the same password. In addition, any mail that is out of the ordinary or that presents an unproven emergency situation should be suspected.
People are also advised to keep their systems up to date with the latest versions, including security patches, to have an antivirus on all devices, to establish strong keys or use a password manager, and to activate two-factor authentication in the services that they use. is available.