Sextortion scam with a twist lures friends into opening malicious attachments

In a peculiar take on the traditional sextortion scam, bad actors have started threatening to distribute stolen nude pics of your friend’s girlfriend.

The novel campaign targets the friends of an already ‘sextorted’ victim who did not agree to the ‘terms’ and refused to pay, according to new research by IBM’s X-Force team.

Threat actors deliver a message claiming they are now sending the private images to every person in the contact list of your friend, including you. To see them, you’re told to check the attachment.

If you’re curious to see who was targeted, and open the attachment, you’ll see a Microsoft Office document containing a blurred image. The contents are viewable only if you click on the Enable Content button. That’s when the malicious payload is downloaded on your device. The malware delivered is known as Raccoon, an info stealer detected by security researchers in underground forums about a year ago.

This malicious tool is distributed as malware-as-a-service to any hacker willing to invest $75 per week or $200 per month to target login credentials, credit card information, cryptocurrency wallets and browser information.
The delivery method is not limited to phishing campaigns though. Security researchers state that unpatched browsers and operating systems also pose a risk of infection, as exploit kits may be embedded on different websites.

Sextortion scams are a popular way for criminals to capitalize on the fear of having any indecent photos exposed online, to your family, friends or coworkers. The scammer will always make sure that, even if you’re positive no such material exists, your system is infected in some way and sexual explicit images were snapped using your webcam.

A word to the wise – ignore any such message that pops up in your Inbox. Definitely don’t click on the malicious attachment and do not enable any Macros in the document. Better safe than sorry! Simply delete the message. It’s always a good idea to have a security solution in place to ward off malware, spyware and phishing attempts.

Be Safe!

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top