Another Extortion Scam Claims to Have Installed Malware

Another extortion scam is making its rounds, this time claiming to have installed a remote access trojan onto the target’s network using the EternalBlue exploit. The scammer sends a threatening email claiming that when the target visited an adult content website, a trojan was installed on their device which recorded video of them. The scammer threatens to send the video to the target's contacts unless a ransom is paid. The scammer attempts to convince the target of their claim’s validity by referencing one of their passwords, making them believe the scammer has access to their device. This password, however, was likely obtained from a previous breach in which this information was exposed and not by compromising the target’s device. If you are currently using the password contained in the email, promptly change it for any associated accounts. The NJCCIC recommends users educate themselves and others on this and similar scams to prevent future victimization. To date, there is no indication that any of these threats are credible. Anyone who receives one of these extortion emails are advised to ignore and delete it. We encourage users to report cyber incidents via the NJCCIC Cyber Incident Report Form and the FBI’s Internet Crime Complaint Center (IC3) website.