Cyber extortion proves importance of email security

  • Posted on: September 6, 2016
  • Posted in: Industry News, Security
  • Posted by: Christopher Budd (Global Threat Communications)
Email isn't as safe as you think it is.

Nefarious individuals have used extortion as a means of making money for as long as crime has existed. However, past schemes generally involved harm to expensive objects or even the victim himself. While these kinds of scams are still very prevalent in today's world, they certainly aren't the only ways criminals are making money.

These days, hackers have created a new way to steal what's rightfully yours: cyber extortion. While this term can be applied to a multitude of crimes, they all basically boil down to using deception and fear in order to receive payment. Of course, the loss of any amount of money is going to aggravate the victim, which is why cyber criminals are intensely focused on anonymity.

For this, there are few tools better than email. This service is widely used, and quite literally anyone can create an account. What's more, easy-to-learn hacking techniques allow hackers not only to hide their true intentions in attachments, but often also to masquerade as someone they aren't. An email account is just a name on a screen for the recipient, making this a perfect attack vector for those who wish to keep their real identities a secret.

Trend Micro researchers expected 2016 to be The Year of Online Extortion, and recent developments have proven this to be true. To that end, what do users need to be on the lookout for, and what can they do to avoid an issue altogether? 

Ransomware is a big problem

It would be impossible to discuss cyber extortion without first mentioning ransomware. This infamous form of malware allows the hacker to encrypt all the files contained on a computer or network. Once this is accomplished, the criminals can simply send a message to the victim demanding payment. If the person pays, he or she can receive instructions on how to decrypt the files. If not, the victim effectively has to wipe the machine and start from scratch.

Such a crime is tantamount to a criminal stealing a car and saying he'll burn it to the ground if the owner doesn't pay up, only ransomware often attacks things that have no monetary value, such as irreplaceable photographs of a deceased relative. As such, people are often quick to pay the attacker. 

This crime model has become so successful that hackers are now developing new forms of the malware all the time. Trend Micro research revealed that in the entire year of 2015, around 50 new types of ransomware were created. In just the first six months of 2016, we've observed 79.

Clearly, hackers have decided that one of the best ways to make money is to hold files hostage, but exactly how they do this varies. CSO's Paul Gillin described a strain of ransomware called RAA that not only encrypts your files, but also installs something called Pony. This malware skims all of your passwords and then uses a network connection to infect other PCs, making this the scourge of large offices. 

Due to the fact that ransomware is very often distributed via phishing email campaigns, this last example is especially frightening and shows exactly why this form of malware is so effective. An email sent to an office of 100 people can be skipped over 99 times, but all it takes is one person clicking on a malicious link and every computer on the network can be encrypted. 

Email's anonymity allows hackers to extort

The reason that hackers can get away with these ransomware scams is that they can hide behind the anonymity of the internet. Not only are email accounts hard to track, but the bitcoin payment these criminals demand can't be followed back to one single individual. However, this namelessness can allow hackers to do a lot more than hold files for ransom. 

Computerworld's Lucian Constantin detailed a specific scam where hackers extorted thousands of dollars out of companies by threatening to hit them with a distributed denial-of-service attack. This is where the cyber criminal sends an enormous amount of internet traffic to a server in order to force it to crash. This particular scam was levied by the Armada Collective, and their requests were sent out via email. 

But here's the kicker: The companies being threatened were never in any danger. No one who refused to pay ever got hit with a DDoS attack, and CloudFlare CEO Matthew Prince was quoted as saying that the hackers wouldn't even have been able to track who sent in money and who didn't.

Regardless, the anonymity of this attack certainly frightened some organizations, as the Armada Collective made off with more than $100,000. Although there was no malware actually distributed via the messages, this incident shows the extent to which hackers can use email to their advantage. 

What can you do to avoid getting extorted?

At the end of the day, the only way to sidestep cyber extortion is to stay vigilant about what you do online. Users should always read the addresses these messages come from, and they absolutely need to be suspicious of every single one. A trick that a lot of hackers use is to employ a phishing attack by making an email look a lot like a message someone would receive from a reputable company. The email itself will look legit, but the address might be misspelled. You should always be on the lookout for these.

On top of this, it's imperative that you never click on a link without first checking it out. Most email features allow you to preview what the link will take you to, and Gmail simply allows you to hover over something in order to see what the real URL is. 
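
The two checks described above (a sender address that is a near-miss spelling of a known one, and a link whose real target differs from the address it displays) can be automated. The following Python is an added example, not part of the original post; the trusted-domain list, the edit-distance threshold of 2 and the sample message are constructed assumptions.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"example-bank.com"}  # assumption: domains you really deal with

def edit_distance(a, b):  # Levenshtein distance, one row at a time
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        new = [i]
        for j, cb in enumerate(b, 1):
            new.append(min(row[j] + 1, new[-1] + 1, row[j - 1] + (ca != cb)))
        row = new
    return row[-1]

def lookalike_of(domain, trusted=TRUSTED):  # trusted domain imitated, or None
    d = domain.lower()
    return None if d in trusted else next(
        (t for t in sorted(trusted) if edit_distance(d, t) <= 2), None)

class LinkAudit(HTMLParser):  # flags links whose visible URL is not the real target
    def __init__(self):
        super().__init__()
        self.href, self.text, self.mismatches = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            shown, real = "".join(self.text).strip(), urlparse(self.href).hostname
            if "." in shown and " " not in shown:  # visible text looks like a URL
                host = urlparse(shown if "://" in shown else "//" + shown).hostname
                if host and real and host != real:
                    self.mismatches.append((host, real))
            self.href = None

def audit(from_header, html):
    domain = parseaddr(from_header)[1].rpartition("@")[2]
    links = LinkAudit()
    links.feed(html)
    return {"imitates": lookalike_of(domain), "link_mismatches": links.mismatches}

# Constructed sample: From header and HTML body of a phishing-style message.
SAMPLE_FROM = '"Example Bank Support" <support@examp1e-bank.com>'
SAMPLE_HTML = ('<a href="http://login.invalid/verify">https://www.example-bank.com/login</a>'
               '<a href="https://www.example-bank.com/help">Help centre</a>')
```

Calling `audit(SAMPLE_FROM, SAMPLE_HTML)` reports that the sender imitates `example-bank.com` and that one link displays the bank's host while pointing at `login.invalid`; the second link, with ordinary text, is not flagged.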

BEC can be addressed through better email security

Although it technically isn't extortion, the threat of business email compromise can be mitigated through similar security best practices. This scam has risen in popularity among hackers recently, and for good reason. Many people aren't very mindful when it comes to the messages they receive online. 

Of course, this isn't the victim's fault. The Radicati Group has estimated that the average business email receives 122 messages every single day. It certainly isn't surprising that some people, overworked and stressed, wouldn't be as cautious as they should be. 

As the name suggests, BEC is basically where a hacker gains access to an important executive's email account through nefarious means. Simple spear phishing attacks are often favored, but sometimes cyber criminals will infect the computer of the victim's child or spouse and leapfrog their way to their intended target.

Once the hacker has control, all he has to do is email someone with the proper authority to make a money transfer to one of his accounts. Employees often aren't used to questioning their bosses, and as such many will simply move the money without a second thought. It's a simple scam that's intensely effective. 

Aside from the other security tips mentioned above, employees can mitigate the risks of such an attack by staying vigilant. Any transfer that is of significant value or simply seems out of the ordinary should be confirmed in person or over the phone. 

Due to the service's widespread use, people often take email security for granted. Simply staying mindful of how hackers could possibly attack could save you from a lot of trouble. 
