Kaspersky Labs researchers have noticed a recent switch in tactics by malicious actor’s intent on conducting blackmail operations.
The primary scare tactic in these phishing operations is to tell the recipient the extortionist has embarrassing or damaging evidence against the target with a demand to pay a set amount in order for the malicious actor to remain quiet. In the past the attacker would simply hope the threat was enough to entice the payment, but Kaspersky has noted the cybercriminal is now doing some extra legwork to make their claim more believable.
“The new wave of emails contained users’ actual personal data (names, passwords, phone numbers), which the scammers used to try to convince victims that they really had the information specified in the message,” the report said.
This indicates the spammers are using a variety of breached databases to draw personal information from to use as evidence that they truly do have some type of damaging information on the target. Additionally, these fraudulent emails are now being sent to a larger audience. Previously, mainly English speaking people were chosen, but starting in September campaigns have been launched against German, Italian, Arabic, and Japanese speakers.
The new methodology may be working as Kaspersky found several bitcoin wallets receiving payments totaling more than $18,000.