A recent report shows that last week, employees in the U.S have been bombarded by a spam attack! This attack pushes a double-whammy of a sextortion attempts combined with ransomware!
Starting around May 2018, there have been a number of attack waves pushing different versions of sextortion threats.
These attacks vary from criminals claiming they were from China, to hackers claiming to have hacked online accounts. There have also been claims of hacked cell phones.
These themes can change a weekly basis, since scammers professionally test different themes and tactics to determind the best ROI. And they’ve been making with ease!
However, sextortion scams haven taken a dangerous turn. Researchers have said they’ve seen a new sextortion scam that includes a download link at the bottom of the phony email.
The scammers claim to have a video of the user pleasuring themselves while visiting adult sites, and they urge the user to access the link and see for themself. However, instead of a video, users receive a ZIP file with a set of malicious files inside.
Users who download and run these files could be infected by the AZORult malware, which would immediately download and install the GandCrab ransomware. Even if the user had no intention of paying the sextortion demand, curious users could still end up being held for ransom if they were to follow the link.
If any of this type of emails make it through the spam filters, please follow your organization’s email security policy, and, as always, Think Before You Click!