Multiple instances of bulk email extortion scams scrutiny by the National Anti-Scam Centre
In recent times, a concerning trend has emerged in the realm of cybercrime - sextortion scams. These scams, which often involve empty threats to publish explicit photos, are becoming increasingly prevalent, with hundreds of reports surfacing every day.
Contrary to popular belief, most sextortion campaigns do not utilise deepfakes or deepnudes. Instead, cybercriminals rely on the fear and embarrassment they can instil by gaining access to personal details, such as birth dates and addresses, through previous public data breaches.
The FBI issued a warning about the use of generative AI tools to create deepfakes or "deepnudes" in sextortion scams as early as 2023. However, the majority of these scams still rely on the threat of releasing existing compromising material.
Cybercriminals often use cryptocurrency platforms for anonymity in these scams. Transactions through cryptocurrency are less likely to be recouped or reversed, making them an attractive method for these scammers.
Satnam Narang, Senior Staff Research Engineer at Tenable, highlights that extortion doesn't just apply to businesses dealing with ransomware attacks. It also affects individuals, especially due to the increased usage of smartphones and social media platforms, and the rise in sexting among young adults.
The Australian Government's Scamwatch website provides valuable information on how to avoid scams after a data breach. Restricting social media profiles to friends and family can help thwart the potential threat of deepfakes or deepnudes being created.
If you receive a sextortion email, do not respond or pay any money. Instead, ignore the email and contact a computer specialist if you have concerns about the security of your device. If a scammer has taken your money or personal details, contact your bank or card provider immediately to report the scam and ask them to stop any transactions.
It's important to note that several organisations, including healthcare providers, financial institutions, and telecommunications companies, have been affected in the past by data breaches involving billing data. This stolen data often includes home address, phone number, birth date, and other personal details, which cybercriminals use to target potential victims.
The Australian Government's National Anti-Scam Centre reports that criminals are emailing people, falsely claiming to have hacked into their computers or webcams and access to compromising images and videos. If you have any doubts, remember - legitimate organisations will never ask for personal details or demand payment via cryptocurrency.
Stay vigilant and protect yourself from these scams. Your privacy and security are important.
