Cyber blackmail wave targets office workers

[InfoSec News <isn () c4i org>]

http://www.computerworld.com/securitytopics/security/story/0,10801,88623,00.html

By Bernhard Warner
DECEMBER 29, 2003 
REUTERS 

Cyber blackmail artists are shaking down office workers, threatening
to delete computer files or install pornographic images on their work
PCs unless they pay a ransom, police and security experts said.  The
extortion scam, which is believed to have surfaced one year ago,
indiscriminately targets anyone on the corporate ladder with a PC
connected to the Internet.

It usually starts with a threatening e-mail in which the author claims 
to have the power to take over a worker's computer through an exploit 
in the corporate network, experts said. 

The e-mail typically contains a demand that unless a small fee is paid 
-- at first no more than $20 or $30 -- the fraudster will attack the 
PC with a file-wiping program or download onto the machine images of 
child pornography. 

"They prey on the nice secretary who wouldn't do anything wrong. When 
she gets one of these e-mails, she thinks 'Oh my goodness, what am I 
going to do?' So she puts it on her credit card and transfers the 
funds to the [suspect's online bank] account and hopes it goes away," 
a British detective specializing in cybercrime told Reuters. 

The officer advised against cooperating with the fraudsters. "If a 
person pays up, say it's just 20 euros, then they have identified a 
soft target. They may come back for more, next time demanding more 
money." 

Hard crime to crack 

In the annals of cybercrime, investigators acknowledge that the racket 
is one of the most difficult to crack. Because the ransom is small, 
people tend to pay up and keep quiet. 

Police said the number of cases is tailing off, but because it so 
often goes unreported, there is little evidence that the crime is 
actually in decline. 

According to Finnish computer security firm F-Secure, a large 
Scandinavian university was hit earlier this month. 

Several university officials received an e-mail from a fraudster who 
appeared to be based in Estonia, said F-Secure research manager Mikko 
Hypponen. 

The e-mail said that several security vulnerabilities had been 
detected on the university's network and that unless the e-mail 
recipient transferred 20 euros ($25) to the author's online bank 
account, he would release a series of viruses capable of deleting a 
host of computer files. 

Hypponen said he advised the university to take the necessary 
precautions, alert police and not pay. "A lot of these cases are 
simply bluffing. But I'm sure there are both bluffs and actual cases," 
said Hypponen. 

Police say crime gangs have turned cyber extortion into a tidy 
business of late. 

A preferred tool is the crude, but effective, denial-of-service 
attack, which is capable of crippling a company's network with an 
overwhelming flood of data. 

There are scores of cases of companies -- particularly small and 
medium-size firms -- receiving extortion threats that demand that the 
victim transfer money to the fraudster's bank account to keep the 
attacks from growing in severity, police said. 

Fraudsters also send out streams of menacing e-mails with hollow 
threats of cyber sabotage. The scam works even if only a handful of 
the countless recipients pay up. 

"It's getting simpler," said Hypponen. "If you wanted to extort money 
from a small company, you would have had to hack them and convince 
them you have stolen their information. Here, you don't have to do 
anything but send an e-mail around." 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.