Extortion Scams Continue

The NJCCIC continues to receive reports of extortion scams, similar in nature, submitted by individuals throughout New Jersey. The threat actor sends emails to the target claiming they compromised the target’s email account and computer, and then used their webcam to record them visiting adult content websites. The threat actor attempts to convince the target of the email’s validity by including one of the target’s legitimate passwords, which is most likely obtained from previous breaches in which this information was exposed and not a result of compromising the target’s computer.  In addition, they claim they have access to the target’s contacts and will send the video to the list of contacts if the target does not pay in bitcoin within a set timeframe or if the message is shared with someone else. If payment is received, the threat actor claims the video will be deleted. The emails also contain spelling and grammatical errors. The NJCCIC recommends users educate themselves and others on this and similar scams to prevent future victimization. There is no indication that any of these threats are credible. Anyone who receives one of these extortion emails should ignore and delete it. Additionally, organizations are advised to implement Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and Domain Keys Identified Mail (DKIM) to help detect and prevent email spoofing. We encourage users to report cyber incidents via the NJCCIC Cyber Incident Report Form and the FBI’s Internet Crime Complaint Center (IC3) website.