According to the recent report published by the cybercrime investigation firm Digital Shadows & reported by The Next Web, Cybercriminals have managed to steal $332,000 in Bitcoin from so-called “sextortion” scam where the emails were sent to blackmail the victims. This email-based blackmailing scam was first reported in 2017 & witnessed scaled-up scamming activities in the last year.
The scam first came into the radar of the common people in July 2018 when Emin Gun Sirer, professor of computer science at Cornell University tweeted about it with the screenshot that read the email sent by the scammers.
“Here’s a new form of crypto blackmail. A friend received this out of the blue. Presumably, it’s getting sent to everyone on the have been pwnd list. Be careful out there, never pay, never negotiate.” He tweeted. The story was later reported by TNW’s Hard Fork.
UK-based digital risk assessment firm -Digital Shadows had tracked 79200 targeted emails as part of their analysis and found out that criminals have managed to receive the sum of $332,000 from more than 3,100 unique sender Bitcoin addresses. The report further revealed that as many as 92 Bitcoin addresses received funds from those 3100 unique BTC addresses. After analyzing the Bitcoin wallets from where the funds sent, the firm also came to know that the average transaction was worth $540.
According to the report, the cybercriminals have followed the same pattern throughout the scams. Targeted victims of this scams were first sent an email with a threat that video footage of them viewing adult content online which was recorded via their webcams would be publicized on the internet if the certain amount of ransom were not paid into a specific Bitcoin address. The report also revealed that the scammers have been hiring the new accomplices to assist them with ongoing operations. They were offered around $360000 per annum and new associate with skills like network management, penetration testing, and programming expertise could expect to earn up to $768,000 a year. The targeted victims are usually individuals with high net worth and higher salaries.
The report highlights that there are different groups of criminals with different level of sophistication and expertise using the same technique to hunt the victims across the globe. Many of the emails were written way too poorly that they failed to get past a mail server or spam filter. Some emails, on the other hand, were well curated and sent from purposely created Outlook.com addresses. Analysis of 792000 emails also reveals that the scam was operated from the number of locations. Information from senders’ IP addresses shows that the emails were sent from servers based across at least five different continents. IP addresses of the senders also unveil that the highest number of emails sent were from Vietnam (8.5 percent), followed by Brazil (5.3 percent), and India (4.7 percent). The possibility that the email servers were being manipulated by cybercriminals can also not be ignored.