Tuesday 30 July 2019 1:01 pm

Sextortion and bomb threats fuel rise in email scams

The number of email extortion scams has spiked in recent months as cyber criminals increasingly use fabricated bomb and sex threats to dupe victims into handing over money.

In a report published today, cybersecurity firm Symantec said it blocked almost 300m extortion scam emails from the start of the year until the end of May.

Read more: NHS still running Windows XP on over 2,000 computers despite spate of cyber attacks

The surge in scams was driven by a rise in so-called sextortion threats, where scammers claim to hold compromising footage of the user or pose as law enforcement officials who have found child pornography material on the user’s device.

The company also reported an increase in the number of scams where the sender claims to have planted a bomb in the recipient’s building. In both cases, the scammer demands payment in cryptocurrency bitcoin.

Symantec said that roughly 30 per cent of the offending emails were received during a 17-day period around Valentine’s Day.

The research estimated that scammers are making roughly $1.2m (£986,000) a year from these types of emails.

Separately, a report published today revealed that nation state cyber attackers are targeting individual mobile users for gathering intelligence and disrupting national rivals.

Cyber crime groups from countries including Russia, China, North Korea and Pakistan are hacking into citizens’ phones in a bid to target protesters, journalists and defectors, according to cybersecurity firm Crowdstrike.

The report stated the groups have been upping their attacks on mobile devices as users accumulate more and more personal data on their phones.

Read more: Government cybersecurity under scrutiny as staff lose hundreds of mobile devices

“Nation states typically target end-users who demonstrate political or intelligence value, while the criminal actors attempt to monetise mobile devices through ransomware, banking trojans, credential theft and cryptomining,” said Adam Meyers, vice-president of intelligence at Crowdstrike.

The firm warned that cybersecurity measures on mobile devices are lagging behind traditional platforms, with a particular risk posed from users installing unvetted applications.

Main image credit: Getty