A new phishing scam on the rise: 30,100 USD has been made [source: 360totalsecurity]
by CIRT Team
Recently, a new form of phishing scam has been discovered. It uses the recipient’s real password to make the victims mistakenly believe that their online data has been attacked by hackers. It is claimed that the victims have to meet the request of the attackers, otherwise the video regarding victims visiting porn sites would be exposed.
A few weeks ago, Vade Secure released a report, revealing the details of this kind of sextortion scam. Through further understanding, the researcher found that the password issued by the scammer was probably acquired about ten years ago. Unfortunately, many victims are not aware of this.
The company provides the filtering services for such phishing scams. In the past few months, its engine has filtered about 600,000 ransomware messages.
After reviewing these emails, Vade Secure found that 90% of them were written in English, but some parts of the translation were written with bad grammar.
Moreover, in most cases, senders used Hotmail or Outlook address randomly, but this may be automatically generated (as shown above).
Others pointed out that hackers used the data acquired through invading IoT products, routers and other devices, and then used it for this phishing scam.
This form of phishing Initiates actions through the command line of the Linux operating system rather than the webmail client.
For more, click here.