Extortionists are constantly inventing new blackmail strategies. Until recently, their main trick was “sextortion,” which you may already have read about. However, as happens with most cyberthreats, criminals’ attention began to shift from users to organizations. That is not surprising — there is much more money in business.
Not long ago, our spam filters began catching a new version of blackmail letters. At this time, they threaten to undermine the reputation of the websites of small and medium-size companies. The scheme is quite simple: They send letters to victims’ public addresses (or submit them using their website “contact us” form), demanding a transfer of a small (by business standards) amount of 0.3 to 0.5 bitcoins to their bitcoin wallet. (At the time of this writing, the amount was never more than the equivalent of $4,200).
What are they threatening?
These cybercriminals are trying to impress their victims with large numbers. Their threats are as follows:
- They will submit offensive letters signed by the victim’s company to 33 million sites with web contact forms.
- They will send out annoying advertising letters with promises of free iPhones to 19 million addresses.
- They will continue the assault with aggressive spam on 35 million forums.
As a result, they say, the Spamhaus project will recognize the victim’s site as a source of spam and will block it forever, completely undermining the reputation of the site and the company.
How real are the threats?
The short answer is, they are not real at all. The amount of work that hackers would have to undertake for a disinformation campaign like the one outlined would require too much time and effort to be profitable. Spammers’ only hope is to frighten the recipient enough to pay.
In fact, if the company decides to pay, all it accomplishes is getting added to the list of victims who tend to cooperate with extortionists. By demonstrating that you are ready to agree to their demands, you are making your company more likely to receive similar letters in the future.
What should you do?
If you receive such a message, it may be tempting to act, but you should not. However, to avoid similar letters in the future, use a security solution that can block spam mailing at the server level.