CERT-In Issues Advisory to Inform Citizens About Email Extortion Scam

The nodal agency says such emails generally include an old password to convince people to pay scammers.

By Jagmeet Singh | Updated: 30 April 2020 15:02 IST

CERT-In Issues Advisory to Inform Citizens About Email Extortion Scam

Scammers ask recipients of their extortion email campaigns to pay them in a digital currency

Highlights

CERT-In’s advisory shows a specimen of an email extortion campaign
Scammers use such email to earn money
Recipients are advised to ignore such emails

The Indian Computer Emergency Response Team (CERT-In) has warned of a new email extortion campaign that scammers have started on the Web to force people to send money by professing to have hacked their systems. An advisory issued by the nodal cyber agency shows a specimen of an email that can be used to grab the attention of recipients and threaten them about some sham hacks. The scammers who send false emails often ask to pay an amount in a digital currency such as Bitcoin.

To help citizens understand how a scammer would try to get their attention through an extortion email, the CERT-In has said in its advisory that such emails generally include an old password of the recipients that might have been obtained through a leaked data breach available online.

The scammer begins such emails with showing off the old password and then crafts a story containing computer jargon to pretend as a skilled hacker, the advisory notes. The email would also claim to have a personal video or videos compromising the recipient's webcam. This would create some fear in the recipient and help convince them to give the money demanded at the end of the email.

Passwords for WHO, CDC, NIH Employees Reportedly Dumped Online

“Lastly, the scammer will give the deadline of 24hrs to comply and threaten to send videos to their [recipients'] relatives, co-workers etc…,” the advisory adds.

‘Fake, scams, and nothing to worry about'
The CERT-In has boldly mentioned that all such emails “are fake, scams, and nothing to worry about” and recipients shouldn't send any payments to their senders.

“If the passwords listed are in use or familiar, recipients are advised to change the password at any site that they are being used,” the agency has recommended in the advisory.

Spike recently noticed in VPN attacks as well
Earlier this month, the CERT-In issued a warning about a potential spike in cyber-attacks on virtual private networks (VPN). The agency at that time said that the trends of social engineering attacks are at peak due to the increase of online activity during the ongoing lockdown to curb the COVID-19 outbreak.

How are we staying sane during this Coronavirus lockdown? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.