Scammers and schemers have been looking to capitalize by targeting users whose information was made public.
Scammers and schemers have been looking to capitalize by targeting users whose information was made public.

Following the massive breach of extramarital affair website Ashley Madison – and the subsequent release of company data – scammers and schemers have been looking to capitalize by targeting users whose information was made public.

Cloudmark has been investigating a series of emails demanding 1.05 Bitcoin, or around $250 as of Friday, in exchange for not releasing Ashley Madison data to family and friends. The emails each include a unique Bitcoin address for payment.

To find out if the blackmailers are making money off the scheme, Cloudmark researchers searched the blockchain for transactions where 1.05 Bitcoins were paid.

“Specifically, we found 67 suspicious transactions totaling 70.35 [Bitcoins] or approximately [$15,814] within the extortion time frame of approximately [four] days paying 1.05 [Bitcoin] to addresses, with no previous activity, and with [two] or fewer transaction outputs,” a blog post said.

In the end, Cloudmark deduced that about 40 percent of the 67 suspicious transactions may be the result of individuals paying the blackmail – a total of roughly $6,400.

Recipients may feel more pressured to pay the blackmail due to the message stating that automated systems will release the data to family and friends within three days. Angela Knox, engineering director at Cloudmark, told SCMagazine.com in a Thursday email correspondence that it is unclear if those automated systems actually work.

Knox said that Cloudmark detected the campaign as part of its ongoing monitoring of email messages that its subscribers receive. She noted that the messages appeared to target email addresses leaked in the Ashley Madison breach, so it is less likely that the perpetrators are blasting out bulk emails to anyone and hoping to get a few hits.

Deeper analysis of the Bitcoin trail could potentially assist law enforcement in deanonymizing the blackmailers, the blog post said.

“If we followed the 67 transactions we identified, we can technically trace and follow them forever,” Knox said. “For example, if at some point in the future we see transactions that gather Bitcoins from multiple addresses we listed on the post, and that are used to pay for (say) a TV on Newegg or other legitimate Bitcoin-accepting vendor, police may have a physical address to visit. This is very hypothetical, though, and I am guessing any blackmailer would not do something so obvious.”

For those who receive the email and had an account with Ashley Madison, Knox recommended reporting the message as spam and contacting law enforcement. Paying ransoms or blackmails is not recommended, and could possibly lead to more extortion in the future, she said.

Another scam targeting Ashley Madison users involves a website – ashleymadison-repair[dot]com – that offers a data removal service.

Users can supposedly pay anywhere from $199 to $4,999 for a variety of specific services, but MailChannels – the outbound anti-spam and email delivery technology company that wrote about the scam – recommended not coughing up any money.

MailChannels reported seeing an uptick in spam emails this week that are promoting the website, and additionally reported a spike in the overall number of Ashley Madison-related spamming and extortion emails since mid-August.