The leading Swiss web host confirms several cases of malicious email that arbitrarily attack email addresses found on the Internet. These particularly deceptive emails aim to extort and exploit personal information that has leaked onto the Web. Computers that have allegedly been hacked, theft of old passwords, threats to share intimate videos with all one’s contacts: everything is done to make their targets give in under pressure.
Infomaniak, which is among the leading hosts for private and professional email, is in a well-informed position to understand this phenomenon, reassure users and help them protect themselves.
What should you know about this type of malicious email?
This malicious spam cannot be attributed to any particular messaging service and is produced by organised fraudsters who likely operate from abroad. Like other types of attacks, this type of email manages to evade even the most sophisticated antispam filters by hacking email accounts that are considered reliable.
These extortion attempts exploit two flaws. The first is technical, the second, and the most dangerous, is human.
Password theft
Websites, even the most important among them, get hacked every day. They include on-line stores, music streaming services, on-line gaming sites or any other site that handles user accounts. In these cases, databases containing members’ logins and passwords are compromised and can be revealed on the Internet. A breach of this data may also occur as a result of spam. Users’ names and passwords are thus revealed and become accessible on the Web.
These logins fall into the hands of the authors of this malicious email, whether they are the perpetrators of the hacking or not. They use them to gather personal information and prepare their offence. The human flaw is exploited in the next phase.
Create fear to obtain money
The real mechanism of this malicious email lies in the plot. To trigger the payment of a ransom, the fraudsters establish a scenario that is supported by the personal information they have gathered previously. Through personal email that is made tangible by divulging the victim’s password, spammers lay a trap that is easy to fall into. They exploit the strategy of a lie wrapped in truth.
Supported by personal details, the fraudsters make their entire scenario plausible. In reality, it is false. It is only aimed at creating fear and guilt: two emotions that can make victims give in to the pressure of a demand for ransom.
This type of email may take the following form:
It appears that, (XXXXX), is your password. You may not know me and you are most likely wondering why you are getting this e mail, right?
in fact, I setup a malware on the adult vids (adult) web site and guess what, you visited this site to have fun (you know what I mean). During the time you were watching videos, your internet browser started out operating as a RDP (Team Viewer) which gave me accessibility to your screen and web camera. and then, my computer software obtained all of your contacts from the Messenger, Microsoft outlook, Facebook, in addition to emails.
What did I do?
I produced a double-screen video. Very first part shows the recording you were watching (you have got a good taste haha . . .), and 2nd part shows the recording of your webcam.
what exactly should you do?
Well, I think, $1000 is a reasonable price for our little hidden secret. You will make the payment by Bitcoin (if you don’t know this, search “how to purchase bitcoin” in Google).
Bitcoin Address: XXXXXXXXXXXXXXXX
(It’s case sensitive, so copy and paste it)
Very important:
You have 1 day in order to make the payment. (I have a unique pixel in this e-mail, and at this moment I am aware you have read this email message). If I don’t get the BitCoins, I will certainly send your videos to all of your contacts including family, co-workers, and so forth. Having said that, if I receive the payment, I’ll destroy the recording immidiately. If you’d like evidence, reply with “Yes!” and i’ll undoubtedly send your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by answering this message.
In the specific case of this attack, the authors pretend to have hacked the computer of their targets and captured intimate videos via their webcam. This blackmail closes with the threat of distributing these videos to the contacts in the victim’s address book if the ransom (in Bitcoins) is not paid within 24 hours.
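For mail administrators, the combination of elements in the message above (a password claim, a webcam story, a deadline, a Bitcoin demand and a threat to contact the address book) can serve as a filtering heuristic. The Python below is an added example, not Infomaniak's filter; the patterns, the threshold, the function names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Indicator patterns modelled on the sample message above (assumed, not exhaustive).
INDICATORS = {
    "password_claim": re.compile(r"\bis your password\b|\byour password (?:is|was)\b", re.I),
    "webcam_claim": re.compile(r"\bweb\s?cam(?:era)?\b", re.I),
    "exposure_threat": re.compile(
        r"\b(?:send|share|distribute)\b[^.]{0,80}\b(?:contacts|family|co-?workers)\b", re.I),
    "deadline": re.compile(r"\b\d+\s*(?:days?|hours?)\b", re.I),
    "crypto_payment": re.compile(r"\bbit\s?coins?\b|\bBTC\b", re.I),
    "read_tracking_claim": re.compile(r"\bpixel\b", re.I),
}
# Flag only when the payment demand and the exposure threat occur together
# with other pressure elements; a lone mention of Bitcoin is not enough.
REQUIRED = {"crypto_payment", "exposure_threat"}
MIN_HITS = 4  # assumed threshold

def body_text(raw):
    """Return the text of the message, preferring text/plain over HTML."""
    msg = message_from_string(raw, policy=default)
    part = msg.get_body(preferencelist=("plain", "html"))
    return part.get_content() if part else ""

def score(raw):
    """Return (flagged, sorted list of matched indicator names)."""
    text = " ".join(body_text(raw).split())  # collapse line wraps
    hits = {name for name, rx in INDICATORS.items() if rx.search(text)}
    return REQUIRED <= hits and len(hits) >= MIN_HITS, sorted(hits)

# Constructed samples: one following the template above, one benign notification.
SCAM = """From: someone@example.org
Subject: hunter2

It appears that hunter2 is your password. I recorded you with your webcam.
You have 1 day to pay $1000 in Bitcoin. I have a unique pixel in this e-mail.
If I don't get the BitCoins, I will send your videos to all of your contacts.
"""
BENIGN = """From: shop@example.com
Subject: Password changed

Your password was changed 2 days ago. We now also accept Bitcoin at checkout.
"""

if __name__ == "__main__":
    for name, raw in (("scam", SCAM), ("benign", BENIGN)):
        print(name, score(raw))
```

The benign message matches three indicators but is not flagged, because it contains no exposure threat.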
What should you do if you are faced with this type of spam?
Even though they are addressed personally, these emails are sent to hundreds, even thousands, of web users. Again, the personal and direct tone aims to destabilise the victim.
If you should receive this type of email, we advise you not to answer it and delete it. Do not pay a ransom.
Then, immediately scan your computer with a recognised antivirus and change your sensitive passwords.
If you have already answered this email or receive persistent reminders, interrupt the correspondence and delete the emails.
If you have paid a ransom, it may be necessary to file a complaint with the police. In this case, make sure you keep all the messages and receipts of the transaction.
How to avoid malicious email
Above and beyond technical solutions, and because human weaknesses are exploited, the best protection is vigilance. Any unusual situation should raise suspicion. This suspicion must be to your benefit rather than to the sender’s. In any case, remain prudent.
Best practices to reduce the risks
- Use different passwords for each account: computers, email addresses and websites.
- Block automatic image downloading in your messaging software.
- Beware of unsolicited or unusual email from known and unknown senders. The theft of email addresses is frequently used to deceive the receivers of malicious email.
- In case of doubt, don’t act in haste and take the time to check the origin of the message by, for example, calling the author on the phone.
- Don’t open attachments with unknown extensions or which seem unsuitable for the context in which you receive them.
- Check suspicious URLs before clicking on them by copying them into a site like virustotal.com.
- Register your email address and password on the haveibeenpwned.com website to check if your logins have been involved in known data hacks. If necessary, you can create an alert to warn yourself.
It is worth mentioning that Infomaniak never asks users to enter their logins or any other personal information in an email (date of birth, address, bank details, etc.). Moreover, our clients are continuously informed of any threats in the service status and in the Manager.