Shillong, July 13: According to a report, email fraudsters are employing a new tactic to extort money from potential victims. They target over 10 work email accounts simultaneously, making moderate demands for around $1,000 in Bitcoin. The purpose of this approach is to evade detection by potential victims, security teams, and payment systems, as per cloud-enabled security solutions provider Barracuda Network.
IANS reported that researchers at Columbia University analyzed 300,000 emails identified as blackmailing scams over a 12-month period to gain insights into the financial infrastructure used by attackers for their extortion campaigns.
“Extortion attacks must be taken seriously by security teams, especially when they target individuals through their work email accounts,” emphasized Nishant Taneja, Senior Director of Product Marketing, Email Protection at Barracuda.
The report reveals that attackers utilized 3,000 unique Bitcoin wallet addresses, with 100 wallets appearing in 80% of the extortion emails. This indicates that a relatively small number of attackers were responsible for the majority of the extortion attempts.
Furthermore, the study found that 97% of sender accounts involved in extortion campaigns sent fewer than 10 attack emails each, and 90% of the attacks demanded payments of less than $2,000 in Bitcoin.
Taneja raised important questions regarding how attackers gain access to account details and whether they were exposed or stolen at some point. He also mentioned the possibility of recipients using their work accounts and devices for inappropriate activities, which could have security implications for both the company and the targeted individual. Such incidents can be distressing, embarrassing, and potentially increase the likelihood of victims succumbing to payment demands.