20.08.2024 - Data leaks from online service providers are giving scammers new ideas. They are combining information from multiple data leaks to create new data sets that they can then use to scam their victims. The NCSC has received reports of several cases of sextortion where scammers have done exactly this.
Fake sextortion: what is it?
Fake sextortion emails have been around for a long time. Most of these emails look more or less the same, with only minor differences. The general idea is to trick the recipient into believing that their computer has been infected with malware, and that this malware has been used to film them performing a sexual act. The email threatens to release the footage unless the victim pays a ransom. This type of scam is called 'fake sextortion' because the story is fake and involves sex and extortion.
Scammers add extra information
The NCSC has recently received a number of reports of fake sextortion messages containing part of the recipient's phone number. In other cases, the message contains a password that the recipient uses or has used in the past.
The goal is to intimidate: the scammers want the recipients to think they know a lot about them. This makes the victims more likely to pay. If you receive a fake sextortion message, you should ignore it. Under no circumstances should you give in to the scammers' demands.
Data leaks
When something like this happens, it raises the question of where the scammers got the information (e.g. passwords, phone numbers). One thing is clear: they did not get it from your device. It was probably stolen from an online service provider or social media. The data was extracted from the service provider's systems using malware or (more commonly) through poorly protected access points.
The contents of various data leaks are usually traded or even offered for free on the dark net. This makes it easy for scammers to get their hands on a variety of data sets.
You can check if your information has been leaked by visiting the popular Have I Been Pwned website, for example. The website contains information on known data leaks (also called breaches). You can check to see if your email address is listed and which leaks it was included in. However, you should not be surprised if your email address is affected: sooner or later, almost all active email addresses end up in some kind of leak. It may be important to know what other data was leaked along with the email address. Have I Been Pwned usually includes this information. The leaked data could be addresses or telephone numbers – or in more serious cases, credit card details or passwords. That is why you should use different passwords for different online services and social media.
In the example above, the data comes from a leak related to the cryptocurrency service provider Gemini. This data leak appears to have affected all recipients of the scam emails.
With a little effort, scammers can combine existing data sets to create new, higher quality data sets. Picture the following: in leak A, your email and home address are leaked. In leak B, your email address is leaked again, but this time with your phone number. In leak C, your email is leaked a third time, along with your password. As the same email address appears in all three leaks, it is easy for a scammer to link all of your information together. They can then use this information to commit a variety of scams: order fraud, email account hijacking, identity theft, etc.
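The leak A, B and C scenario above can be turned into a self-audit of your own addresses. The following Python sketch is an added example, not NCSC code: it takes the per-leak data types a breach-notification site reports for an address and shows how much larger the combined profile is than any single leak. The leak names, data-type labels and suggested steps are constructed assumptions for illustration.

```python
# Constructed sample input (not real breach data): for each of your own addresses,
# the leaks it appears in and the kinds of data each leak contained.
SAMPLE = {
    "me@example.com": {
        "Leak A": {"Email addresses", "Physical addresses"},
        "Leak B": {"Email addresses", "Phone numbers"},
        "Leak C": {"Email addresses", "Passwords"},
    },
    "ebanking-only@example.com": {},  # designated address, found in no leak
}

# Assumed mapping from an exposed data type to a defensive step (illustrative).
ACTIONS = {
    "Passwords": "change that password wherever it was used; use unique ones from now on",
    "Phone numbers": "a message quoting your number proves a leak, not an infected device",
    "Physical addresses": "watch for orders or accounts opened in your name",
    "Credit cards": "contact the card issuer",
}

def audit(leaks):
    """Summarise what all leaks for one address reveal once linked by that address."""
    combined = set().union(*leaks.values())
    sources = {kind: sorted(n for n, kinds in leaks.items() if kind in kinds)
               for kind in combined}
    return {
        "combined": sorted(combined),
        "largest_single": max((len(k) for k in leaks.values()), default=0),
        "linkable": len(leaks) >= 2,  # same address in 2+ leaks acts as a join key
        "sources": sources,
        "actions": [ACTIONS[k] for k in sorted(combined) if k in ACTIONS],
    }

if __name__ == "__main__":
    for address, leaks in SAMPLE.items():
        r = audit(leaks)
        print(f"{address}: {len(leaks)} leak(s), linkable={r['linkable']}")
        print(f"  most data in any single leak: {r['largest_single']} types")
        print(f"  combined profile: {len(r['combined'])} types")
        for kind in r["combined"]:
            print(f"    {kind} (from {', '.join(r['sources'][kind])})")
        for step in r["actions"]:
            print(f"  -> {step}")
```

For the sample address, no single leak holds more than two data types, yet the linked profile holds four; the designated address that appears in no leak cannot be linked at all.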
Recommendations
To help protect your personal information and prevent scams, the NCSC recommends that you do the following:
- Be careful with your data. Only share your information when necessary and make sure it is protected.
- Use a password manager and use different passwords for different accounts.
- Use different email addresses if you can. Using a designated address for ebanking and other more sensitive services makes it easier to spot phishing messages, for example.
- Don't be pressured by emails telling you to act fast. If you are unsure whether a message is legitimate or not, you can contact the NCSC and ask us.
Last modification 20.08.2024