Cyber-extortion is spreading

Users are pressured to pay up or get hit by WannaCry ransomware and a DDoS attack. Don’t fall for this extortion email scam this tax season.

As if tax season isn’t stressful enough, a new extortion email scam is currently underway to steal your personal details and commit fraudulent activities. Hackers are demanding two bitcoins from victims in exchange for keeping quiet about their presumed “tax evasion”. If they do not pay, they will find themselves hit with a DDoS attack and WannaCry ransomware.

These particular emails have the subject line: "Incident: [random characters]" and the first sentence states: "Forward this mail to whoever is important in your company and can make decision!"
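For mail administrators, the two indicators above can be turned into a simple triage check. This is an added example, not code from Avast; the function names, the sample messages, the Bitcoin keyword heuristic and the quarantine/review thresholds are all assumptions made for illustration.

```python
import re
from email import message_from_string, policy

# Subject and opening sentence are the indicators quoted in the article;
# the Bitcoin keyword check is an added heuristic (assumption).
SUBJECT_RE = re.compile(r"^\s*Incident:\s*\S+", re.IGNORECASE)
OPENING = "forward this mail to whoever is important in your company"
BTC_RE = re.compile(r"\b(bitcoins?|btc)\b", re.IGNORECASE)

def body_text(msg):
    """Return the readable body, lower-cased, with whitespace collapsed."""
    part = msg.get_body(preferencelist=("plain", "html"))
    if part is None:
        return ""
    text = part.get_content()
    if part.get_content_type() == "text/html":
        text = re.sub(r"<[^>]+>", " ", text)  # crude tag strip for matching only
    return re.sub(r"\s+", " ", text).strip().lower()

def indicators(raw):
    """List which indicators a raw RFC 5322 message matches."""
    msg = message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"] or "")  # policy.default decodes encoded-words
    body = body_text(msg)
    checks = [("subject", SUBJECT_RE.match(subject)),
              ("opening", body.startswith(OPENING)),
              ("bitcoin", BTC_RE.search(body))]
    return [name for name, hit in checks if hit]

def verdict(raw):
    """Subject alone also matches ticketing mail, so it only earns a review."""
    hits = indicators(raw)
    if "opening" in hits or len(hits) >= 2:
        return "quarantine"
    return "review" if hits else "pass"

# Constructed sample messages (not real captures).
SAMPLE_SCAM = (
    "From: sender@example.com\n"
    "Subject: =?utf-8?q?Incident=3A_X7K2Q9ZP?=\n"
    "Content-Type: text/plain; charset=utf-8\n\n"
    "Forward this mail to whoever is important in your\n"
    "company and can make decision! We demand two bitcoins.\n")
SAMPLE_BENIGN = (
    "From: helpdesk@example.com\n"
    "Subject: Incident: INC0012345 resolved\n\n"
    "Your ticket INC0012345 has been closed.\n")

if __name__ == "__main__":
    for raw in (SAMPLE_SCAM, SAMPLE_BENIGN):
        print(indicators(raw), verdict(raw))
```

The benign sample shows why the subject pattern should not be used on its own: ordinary help-desk notifications also begin with "Incident:".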

Threats and high-pressure tactics like these show classic signs of a scam in play, attempting to separate people from their money, data, property, or services through coercion.

Here’s how a cyber-blackmail scam starts: Cybercriminals contact you via email or social media, insisting they have: (1) the password to one of your accounts, (2) a hitman contract (yikes!), or (3) evidence of egregious behavior — cheating on your wife, webcam footage of you watching porn, or, in this case, hiding your taxes.

To make the problem go away, cybercriminals would typically ask for your credit card number. But most recently, they’ve demanded payment in Bitcoin or another type of cryptocurrency since these transactions are fast, worldwide, and untraceable.

Most individuals on the receiving end of a scam are quick to pay up in order to avoid embarrassment. Businesses, meanwhile, are more cautious; they’re more likely to contact law enforcement for further investigation and possible prosecution.

“This is an evolved version of the ‘Police Virus’ or ‘Police Trojan’ which targeted most of Europe in 2011,” comments Avast security expert Luis Corrons. “Cyberattackers posed as different law enforcement agencies, even localizing messages in English, German, Dutch, and Spanish, among others. In the message, it claimed to have detected illegal content from that computer and, to avoid prosecution, a €100 fine must be paid.”

Why ransomware is dangerous

Hackers can also demand payment by holding your data and files for ransom. Attachments are sent via phishing emails, masquerading as a trustworthy file. Once opened or downloaded, ransomware takes over the computer and threatens to publish data about the victim (individual or business), or completely block access to their computer or files. A ransom must be paid in order to "unlock" their computer or release the files.

Ransomware typically spreads by using some form of social engineering, where victims are tricked into downloading an email attachment from a seemingly trustworthy source or clicking a link that looks legitimate. Another common way to spread ransomware is through an exploit kit, in which code is installed on a legitimate site that redirects visitors to a malicious one.

I’m a victim of ransomware. What can I do?

Call federal and local law enforcement immediately. Just as you would turn to authorities for a real-world kidnapping, do the same with ransomware. Forensic technicians can help ensure your system isn’t further compromised and will work to find the cyberattackers.

Also visit the No More Ransom website to get more information, report a crime, and access decryption tools that could help you recover your data without paying ransom to cyberthieves.

How to keep extortion out of your inbox

  1. Ignore scammers: Most email scams have tell-tale signs that are easy to spot, but many seem authentic enough to believe. Avoid email or social media messages that claim to contain links to something “interesting”, or ask you to download software to view the material. Just press delete.

  2. Be wary of free downloads or access to free music, games, movies, or adult sites; they may install harmful programs on your computer without your knowledge.

  3. Take extra precautions to avoid giving hackers an upper hand. Users with a webcam should use a cover or disable it when not in use.

  4. Continually change your passwords to strong, unique ones.

  5. Secure your computer with the latest anti-malware software and stay up-to-date with operating system patches in order to avoid vulnerabilities.
