Pay money coronavirus extortion scam covid 19 cybercrime
Cybercriminals have found the coronavirus scare as a new tool to target people around the world. We have already discussed how fraudsters are posing as WHO officials to carry out phishing attacks, tricking people to click on malicious links or download harmful content, registering new malicious websites related to COVID-19, putting up and setting up fake COVID-19 tracking dashboards to hack computers.
Now there is a new scam doing the rounds. A new report by Sophos — a British security software and hardware company — shows that cybercriminals are using extortion emails claiming they will infect a user’s family with coronavirus if the user does not pay the ransom money.
Pay money or get coronavirus!
Sextortion is well-known among people where cybercriminals send “dirty little secret’ emails saying they’ve got hold of the user’s compromising pictures via malware and they’ll leak it to the whole world, including their friends and family— unless the user decides to pay them a hefty amount of ransom money.
In the new trend, criminals have tweaked the extortion to match up with the ongoing coronavirus pandemic. Cybercriminals are sending emails asking for $4000 via Bitcoins or else they’ll not only reveal secrets, but will infect every member of the victim’s family with coronavirus.
To sound authentic and get the person’s attention, the sender first reveals the password that was previously used by the victim. They claim they know all the passwords and that they have been keeping a close watch on the user, and could even infect their family with coronavirus. The email also includes a threat to reveal all of the user’s secrets. Check out the whole email in the screenshot attached below:Screenshot of extortion email. (Image source: Sophos)
So what next?
There’s a chance they could have extracted your password from publicly available data leaked in an old data breach. So even if the whole this is a scam, what do to now? Paul Ducklin, the Principal Research Scientist at Sophos, explains that there is no need to be scared. “Don’t send any money. It’s all a pack of lies,” he says.
Express Tech is now on Telegram. Click here to join our channel (@expresstechnology) and stay updated with the latest tech news
“In scams like these, the crooks don’t have any data on you, let alone details about all your family members and where they live,” he adds.
Ducklin also forbids to reply to the mail. “It’s tempting to contact the crooks, just in case, but they have nothing to sell; you have nothing to buy; and by contacting them you are just giving them another chance to scare you into making a mistake.” He also says that if anyone receives such an email, they should let other people know about it so that they do not fall for this horrible scam either.