‘Sextortion’ Is Emerging Cyber Risk for Businesses, Warns Beazley

February 21, 2019

A new form of online bribery is emerging where cyber criminals attempt to extort cryptocurrency by claiming to have potentially embarrassing evidence of people using adult websites on work computers, according to a report issued by Beazley Breach Response (BBR) Services.

So-called “sextortion” is adding to the tide of cyber-related incidents hitting businesses, said Beazley, explaining that the crime begins with an email from someone claiming to have accessed the recipient’s work computer. The sender says they have tracked the addresses of pornographic websites the recipient has viewed and to have simultaneously recorded footage of their activity while watching these sites using their webcam.

The cyber criminal then threatens to humiliate the recipient by sending his or her email contacts details of the embarrassing online activity if their demands are not met.

The emails often contain a link or zip file they claim directs the recipient to evidence of the internet usage or webcam activity or to a website to pay the cryptocurrency ransom. If clicked on, the link may in fact spread malware that can steal information or introduce ransomware used by hackers to lock the computer until the ransom is paid.

There is no sign yet that the targets of sextortion are anything other than hoaxes targeting random individuals, and it often turns out that no data has been compromised, said Beazley.

However, a small number of emails sent out to thousands of recipients may indeed hit home, the company said, emphasizing that if these individuals did engage in inappropriate behavior on their work computer, they could be vulnerable to extortion.

In the fourth quarter of 2018, Beazley Breach Response (BBR) Services was notified of these cases by several commercial clients involving demands for cryptocurrency worth hundreds or thousands of dollars.

This comes as cyber attacks on business email accounts continue to rise sharply, said Beazley, noting that the total number of email compromises handled by BBR Services in 2018 increased by 133 percent, and the upward trajectory continues.

To increase the authenticity of the demand, in some cases, the email will include an old or current password linked to the recipient’s email address. Such information is often obtained via the dark web where user credentials that have been compromised in earlier data breaches are dumped and sold by cyber criminals.

“BBR Services is seeing sextortion emails being sent to individuals in multiple countries, including the UK, and across different industry sectors, from SME to large business,” said Helen Nuttall, international breach response manager at Beazley.

“They are sent in the recipient’s local language, and often include reference to passwords known by the user,” she added.

“These emails are convincing as they often appear to come from within the individual’s own email account. This immediately makes the recipient believe that the account has been compromised. Combine this with the fear of potentially humiliating content being distributed to your friends/family/colleagues, it is easy to see why people are lured into paying the bribe.”

Nuttall said that spoofed emails are nothing new, but users need to be warned about these tactics – especially as these scams are becoming more sophisticated.

“Don’t panic, delete the email, and perform a thorough scan of your computer using a recognised anti-virus solution,” she recommended. “If the email comes from your business email domain, alert your IT department, who should take steps to lock down the domain.”

Katherine Keefe, head of BBR Services at Beazley, said: “As with all types of cyber attacks, employers need to treat seriously email compromise in its many forms. The sources of these emails should be scrutinized, and organizations need to ensure employees are aware of practical measures to protect their data, such as via phishing training, and of ways to reduce the instances of email compromises escalating into a more serious cyber incident for organizations.”

Compromises can be expensive and costly in terms of an organization’s reputation, however they are also preventable, said Beazley.

Source: Beazley