Typically these try to convince users to pay a cryptocurrency fee in order for the hacker not to release a non-existent webcam video of the victim watching porn. They use personal information harvested from the dark web including log-ins and email addresses to lend credibility to the blackmail threat.
According to Barracuda Networks, the black hats are evolving their tactics to bypass traditional filters.
“Many sextortion emails end up in users’ inboxes because they originate from high-reputation senders and IPs. In fact, hackers will use already compromised Office 365 or Gmail accounts in their campaigns,” it said.
“These emails don’t usually contain any malicious links or attachments that traditional gateways will look for. Attackers have also started to vary and personalize the content of the emails, making it difficult for spam filters to stop them.”
The scams are also under-reported due to their embarrassing nature and so IT teams are often unaware of the scale of the problem, the vendor claimed.
Interestingly, the education sector is by far the most popular target, accounting for over half (55%) of the attacks detected by Barracuda, followed by government (14%) and business services (11%).
Organizations should combine anti-spear-phishing and account takeover protection tools with employee training and awareness exercises to help mitigate the threat, Barracuda Networks advised.