A new sextortion scam variant is using a wallet for a cryptocurrency other than bitcoin in an attempt to evade detection.

On October 8, Cofense revealed it had detected a modified sextortion scam that was using a wallet address for Litecoin instead of bitcoin.

The variant thereby differentiated itself from earlier sextortion campaigns detected by the anti-phishing solutions provider. Even as they moved from text to images and then to PDFs in order to fly under the radar of secure email gateways (SEGs), attackers still included the plaintext string of a bitcoin wallet address where recipients of a sextortion email could make a payment. SEGs eventually caught onto this tactic, however, which forced digital criminals to make a change.

Cofense explains in its research that this fraudsters opened up some opportunities for themselves by moving away from bitcoin:

…[T]hreat actors can switch to the next crypto currency and attempt to iterate through all the scam’s previous versions. While there are thousands of crypto currencies, only a dozen or so are easily attainable from large exchanges. For the scam to work, the recipient needs an easy way to acquire the requested payment method.

Sextortion scams have been around for years, but things heated up in July 2018 when digital criminals began using recipients’ breached passwords to trick them into paying. It didn’t take long for bad actors to change things around by incorporating recipients’ redacted phone numbers into their attack emails and using their campaign to deliver threats like GandCrab ransomware. Not too long after that, malefactors began using fake malware infections from adult sites and CIA investigations to try to stoke recipients’ fears.

These ploys all highlight the importance of users not believing every email they read. With that said, they should never send money to someone who uses fear (Read more...)