sb-eu logo
Story image

MailGuard warns against extortion phishing emails

MailGuard has highlighted dangerous email scams following its interception of a large run of extortion phishing emails that demand a ransom payment in bitcoin.

According to MailGuard, there are several versions of the email scam, however the overall theme is the same and all attempt to blackmail their target.

For instance, the email will tell the victims that sensitive, often deeply personal and embarrassing information has been obtained and unless a ransom payment is made in bitcoin the content will be published.

The emails use various display names, subject titles and sender details. Some utilise compromised accounts and others forge the recipients’ email addresses to confuse or trick the target into thinking their account has been hacked, as claimed in the email.

In many cases, the email contains the user's password from compromised accounts, in fact often in the subject line, to demonstrate that the cybercriminals have access to the account.

MailGuard states, “We strongly advise all recipients to delete these emails immediately without responding. Please share this alert with your social media network to help us spread the word around this email scam.”

“It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

"This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you," the company wrote in a statement.

According to MailGuard, in most cases if you receive an email there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of scaring recipients into paying the ransom.

The information in the email is often collected from the internet from previously known data breaches. As such, MailGuard recommends people to not give the perpetrator any money or images, and stop all contact with them.

If a blackmailer is threatening to reveal intimate images online, do not give in to their demands, instead report it to the Office of the eSafety Commissioner.

If the email includes a recognisable password, all accounts that use this password should be changed. Make sure to use a strong password and don’t reuse passwords across different accounts. You can also set up 2-factor authentication where available.

To find out where your email may have been included as part of a data breach you can visit Have I Been Pwned.

Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
Juniper Networks expands security offering for remote working
Juniper Networks has launched new solutions to enhance work from home security.More
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More