We have already talked about other Phishing campaigns very present today such as the CEO scam (https://www.audea.com/es/fraude-del-ceo/) in which the trust of the employees or fraud intervenes bank in which the so-called muleros participate (https://www.audea.com/es/los-muleros-bancarios/) in which bank fraud also intervenes.
As can be seen in this type of phishing, other factors intervene that help make the attack much more complete, targeted and successful, such as bank fraud or other techniques.
Today we are going to talk about a phishing that relies on other factors such as a password leak and blackmail of people, we can see an image of it below:
New Phishing with blackmail
In it, the first thing that catches our attention is that it is true that it has one of the passwords that we usually use, what is shaded is actually a real password of the recipient that can foreseeably recognize where we access with it.
The fact that they have our password is directly related to some of the password leaks that have existed lately, without making any special mention, some with a large number of compromised user accounts and some of the highly prestigious pages (all these data the truth that come to scare).
Making a subsection at this point in the article there are pages that inform the user if their email address is compromised, some with other types of purposes, so we must be careful with the information that we enter in them.
For example, on the page https://haveibeenpwned.com/ we are informed of this and indicated in which filtration we must pay special attention to take immediate measures.
In any case, even if the previous example of the page has been used, we never advise entering any type of personal data on any page that is not completely trustworthy since we can double the initial risk that we had mentioned.
Returning to the email seen in the image, reference is made to the blackmail claiming that it has compromised content of ours that they will spread among all our contacts.
With this fact they give us two options, first they blackmail us to proceed with its deletion for an amount of money or otherwise they will spread it immediately (they give us a period of one day).
In addition, this requested money is in bitcoins (in this article we talk a little more technically about this cryptocurrency: https://www.audea.com/es/criptomonedas-bitcoin-funcionamiento/) and, in this way, the transfer of the "Reward" will not leave any trace.
One of the characteristics of bitcoin accounts is that any user who belongs to the network can see the amount of money that a portfolio has and it has been possible to discern that the amount that appears in the mail requesting the money rises exponentially.
For all the aforementioned, we have to remain aware of this type of attack and if we have received this email or any of a similar nature, we must delete it immediately and proceed to change the passwords immediately of all the portals or social networks that we have and independently perform this action periodically.
_______________________
Fernando Saavedra
Cybersecurity Manager
Áudea Information Security
