Subject - "Regarding Zoom conference call". Don't open this email
It's a "sextortion" scam
What is Sextortion?
"Sextortion refers to a form of blackmail in which sexual information or images are used to extort sexual favors from the victim," says Wikipedia.
Since the COVID-19 pandemic took over the world and people switched to digital mediums to stay connected, the one service that shot up the ranks was Zoom. The popularity of the video conferencing platform has gone through the roof in 2020, and with fewer people out on the roads to commit crime, it comes as no surprise that cybercriminals are targeting the platform.
According to a report by Bitdefender, cybercriminals are using a new "sextortion scam" to target Zoom users. The report says the scam is targeting users across the globe. So far, 2.5 lakh users have been targeted since October 20, and most of them have been from the United States of America.
How does the "sextortion scam" work?
Users have reported getting an email with the subject line "Regarding Zoom Conference call". The email starts like this: "You have used Zoom recently, like most of us during these bad COVID times," the scammers said. "And I have very unfortunate news for you."
The scammers then mention how they've accessed the user's camera. "There was a zero-day security vulnerability on Zoom app, that allowed me a full-time access to your camera and some other metadata on your account," the email further reads. "I found a few interesting targets through random lookups. You were just unlucky to be on the list." For the uninitiated, zero-day security vulnerabilities are bugs that researchers spot before the company behind the software has found or fixed them. A few zero-day vulnerabilities have been reported in Zoom.
The email then goes on to scare the user. "After that, I did some creepy stuff and a few recordings, just for fun and to test a few things," reads the email. "And as you can imagine in your worst dreams, this happened. I have made a recording, where you work on yourself."
What's worse, the scammers go on to blame the coronavirus and try to play on the user's sympathy. "Please don't blame me or yourself for this, I didn't have any bad intentions," said the scammers. "I got very sick, lost my job, about to be evicted, and have no money to survive. All of this because of the stupid virus. I'm sorry. I have no other choice."
Then comes the extortion part. The scammer asks the user to pay $2,000 in bitcoin within three days or the "video" will be revealed to family, friends, and colleagues. Once the amount is paid, the scammer claims, the video will be completely deleted. "If you do something stupid, I will distribute the video," the scammer warns the user.
How to protect yourself from this scam?
Sextortion scammers are banking on two things to succeed in their crimes: their creative writing skills and your lack of tech knowledge. As of now, there is no zero-day vulnerability in Zoom that could allow such a break-in to happen. And if there were, it would be front-page news (given how critical the software has been to companies around the world during COVID-19).
The threat of sextortion is usually enough to get victims to pay, but some scammers have been known to go further. There have been cases where they've shown "evidence" that they've hacked your accounts by sending you stolen usernames and passwords. But this data is almost never obtained by them directly. Instead, they grab it from known data breaches and leaks.
If you do get one of these messages, there's only one thing you should do: ignore it! Responding in any way will let the hackers know they can reach you, which means they could try again or add you to a spam mail list.
At the same time, you should never attempt to pay the ransom. Bitcoin is an anonymous digital currency, and just like with cash and gift cards, there's no way to get it back once you've paid.
Thankfully, sextortion isn't as dangerous a threat as ransomware or phishing. Think of it as a scary variety of spam mail instead of an actual form of blackmail. And like every other piece of spam mail, it's best left to your email filter instead of you.
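As an added illustration (not part of the original article or any vendor's rule set), here is a sketch of the kind of filter rule that can catch this message, scoring it on the traits described above: the Zoom lure, the camera and zero-day claim, the recording claim, the bitcoin demand and the deadline. The patterns, the threshold and both sample messages are assumptions constructed for this example.

```python
import re
from email import message_from_string
from email.policy import default

# Indicator groups built from the email this article describes.
# Patterns and threshold are illustrative assumptions, not a vendor rule set.
INDICATORS = {
    "zoom_lure": re.compile(r"regarding zoom conference call|used zoom recently", re.I),
    "compromise_claim": re.compile(r"zero-day|access to your camera", re.I),
    "recording_claim": re.compile(r"made a recording|distribute the video", re.I),
    "crypto_demand": re.compile(r"\b(bitcoin|btc)\b", re.I),
    "deadline": re.compile(r"\b(within|in)\s+(\w+\s+)?(hours?|days?)\b", re.I),
}
THRESHOLD = 3  # a single hit (a deadline, the word Zoom) is ordinary mail


def classify(raw_message: str) -> dict:
    """Parse one RFC 5322 message and report which indicator groups it hits."""
    msg = message_from_string(raw_message, policy=default)
    body = msg.get_body(preferencelist=("plain", "html"))
    content = body.get_content() if body is not None else ""
    text = re.sub(r"\s+", " ", f"{msg.get('Subject', '')}\n{content}")  # unwrap lines
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(text))
    return {"hits": hits, "quarantine": len(hits) >= THRESHOLD}


# Constructed sample reusing phrases the article quotes from the scam email.
SCAM = """\
From: stranger@example.test
Subject: Regarding Zoom Conference call
Content-Type: text/plain; charset="utf-8"

You have used Zoom recently. There was a zero-day security vulnerability
that allowed me access to your camera. I have made a recording. Pay $2,000
in bitcoin within three days or I will distribute the video.
"""

# Constructed benign message that trips only the deadline indicator.
BENIGN = """\
From: colleague@example.test
Subject: Weekly sync
Content-Type: text/plain; charset="utf-8"

The weekly sync moves to Zoom and starts in two days.
"""

if __name__ == "__main__":
    for name, raw in (("scam", SCAM), ("benign", BENIGN)):
        print(name, classify(raw))
```

Requiring several independent indicator groups, rather than any single keyword, is what keeps ordinary Zoom invitations out of quarantine.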
So next time you see an email regarding your Zoom conference call, be careful and don't fall for this scam doing the rounds.
TheLatestCheckout - thelatestcheckout.medium.com