An email hits your inbox from an unknown sender that includes a picture of your house and address, followed by this threat: "Don’t even try to hide from this. You have no idea what I’m capable of ... I’ve got footage of you doing embarrassing things in your house (nice setup, by the way)."
Sounds like a scene out of a horror film, right? Instead, it’s one of the latest phishing scams.
Like many other email and text scams, this particular extortion scheme uses specific personal information to deceive people into sending money. The email convinces people the hacker knows more about them and that they must exchange payment or Bitcoin in order to keep their information safe.
"I received a PDF over email that included my address and photo of the address and made outrageous claims about my private behavior, and claimed to have video documentation captured from spyware on my computer," Jamie Beckland, a chief product officer at the tech company APIContext, told HuffPost. "The scammer threatened to release the video if I didn’t pay them via Bitcoin."
If you get a similar email, here are the steps you can take to figure out if it’s a scam so you protect yourself:
- Confirm the house and street imagery on Google Maps
Many phishing emails are often riddled with grammatical errors and poor formatting, which make them easier to identify. However, this scam, which includes images of people’s homes, is a newer, darker twist.
You might be asking yourself, how exactly was the scammer able to identify your house address? According to Al Iverson, a cyber expert and industry research and community engagement lead at the software company Valimail, the sender likely found your address from a prior data breach that leaked personal data, and then used a Google Maps photo to put together an email. - Examine the email address and check for legitimacy
Iverson recommended checking the email address’ legitimacy whenever you receive any correspondence from unknown users.
"Check whether the sender’s email domain matches the official organization’s website," he said as one example.
"Also, if using Gmail, look for ‘show original message’ and review SPF, DKIM, and DMARC results." These are essentially methods that verify the emailer’s domain to prevent spam, phishing attacks and other email security risks. To do this, click on the three-dot hamburger menu at the top right of your email and click "Show Original." - Don’t click unfamiliar links, especially related to payments
If an email seems legitimate, you might accidentally click on the links it contains for more information. Zarik Megerdichian, founder of Loop8, a company that protects personal data and privacy from data breaches and hackers, strongly cautions against this.
"Exercise caution any time you’re asked to click on a link in an email," Megerdichian said. "Bitcoin transactions are irreversible, as are many other common payment methods including Cash App and Zelle."
Further, scams that demand remuneration should be reported to the Federal Trade Commission by filing a report online or via phone. Megerdichian also noted that if a hacker has obtained details about your financials, monitor your bank accounts closely and dispute fraudulent charges with your bank, cancel your cards and preventatively stop future charges. - Update your password
It’s also highly advisable when confronted with an elaborate scam to change all of your passwords.
According to Yashin Manraj, CEO of Pvotal Technologies, a company that creates secure tech infrastructures for businesses, it’s important to protect your data right away if you suspect it’s been compromised.
"Use a new email address if possible and move critical financial or utilities to it, and then start reporting the case to the local police, the FBI and making sure your family is aware of the potential threat of a public shaming in the unlikely event that they did manage to steal some compromising data," Manraj said.
No comments:
Post a Comment