It was only a matter of time. Phishing meets the Dark Web. Phishing emails are emails you and your employees receive from bad guys who are looking to gain something from you – usually money. The Dark Web is a place on the internet where bad guys go to buy and sell information – YOUR information.
We’ve seen several iterations of Sextortion but here’s the latest twist. Some bad actor buys a list from the Dark web and in it is your email address and a password (and some other information associated with it). Then they write you an email. There are many variations but some common elements. In the email they say they caught you going to a porn site on the internet. Depending on the variation of email you receive, they may attach a raunchy picture, claim they took a photo or video of you viewing porn, etc. Here’s the hook. To make it more believable, they’ll show you your password or some other personal information which they bought from the Dark Web.
Then they threaten to make this public. We’ve also seen variations here. They may say they have downloaded your contact list and threaten to email everyone on it, or email everyone in your company, or they may say they hacked your Facebook account and threaten to post there. Whatever the variation, they threaten to expose you.
The last common element is they ask for something. Usually payment to a Bitcoin account (untraceable). However, they may ask for information – your employer’s customer lists, company bank info, etc.
Sextortion is the fastest growing internet crime today. If you receive one of these emails, do not answer, delete the email and don’t pay any amount or give any information. And, as always, it’s a good idea to turn off or cover your camera.
If you don’t think your information is for sale on the Dark Web, think again (Equifax breach-163 million records, Facebook-60,000 records PER DAY). How do you find out? There are reputable firms who make it their business to monitor the Dark Web. Call your trusted IT or call us (774-222-5500) or visit us at www.FairoaksIT.com/DarkWebScan. We can tell you if your email address is for sale on the Dark Web.
