Digital Shadows Photon Research Team tracks 792,000 sextortion attempts in 7 months with criminals making an average of $540 per victim
San Francisco and London, February 21, 2019: Digital Shadows, the leader in Digital Risk Protection, has today published new research looking at the business of cyber extortion. Entitled ‘A Tale of Epic Extortions’, it reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors, with extortion scams. These salary promises can be higher still for those with network management, penetration testing and programming skills – with one threat actor willing to pay the equivalent of $768,000 per year, with add-ons and a final salary after the second year of $1,080,000 per year.
One principal method of extortion where criminals deem potential victims to be particularly vulnerable is so-called ‘sextortion’. Digital Shadows tracked a sample of sextortion campaigns and found that from July 2018 to February 2019 over 89,000 unique recipients faced some 792,000 extortion attempts against them. An analysis of Bitcoin wallets associated with these scams found that sextortionists could be reaping an average of $540 per victim.
The campaigns follow a similar pattern: The extortionist provides the user with a known password as “proof” of compromise, then claims to have video footage of the victim watching adult content online, and finally urges them to pay a ransom to a specified Bitcoin (BTC) address. However, it is worth noting that other campaigns can be even more sinister – the so-called ‘Hitman’ spam campaign Digital Shadows noted from December 2018 simply claims recipients will be “killed” unless a Bitcoin demand is paid.
Extortion is in part being fuelled by the amount of ready-made extortion material available on criminal forums. This is lowering the barriers to entry for wannabe criminals, with sensitive corporate documents, intellectual property, and extortion manuals being sold on by more experienced criminals to service aspiring extortionists. Blackmail guides, for example, are on sale for less than $10.
In one such example, seen by Digital Shadows, the guide specifically focuses on a sextortion tactic whereby the threat actor begins an online relationship with a married man and then threatens to reveal details of the affair to his partner unless a ransom is paid. The guide claims this extortion method is the easiest for ‘novice’ threat actors to start with, suggesting they could earn between $300-$500 per extortion attempt. Dedicated subsections exist on criminal forums for these types of dating scams.
Even greater levels of sophistication could be around the corner if so-called ‘crowd funding’ schemes take off. In April 2018, threat actor ‘thedarkoverlord’ stole documents belonging to the insurance provider, Hiscox. This included files related to the 9/11 attacks in the US. The threat actor hoped to play on the public’s appetite for 9/11-related controversy and encouraged people to raise funds in order to view the documents. Currently this campaign has amassed some $11,600 (3.46 BTC).
Crowdfunding models such as this allow extortionists to raise funds from the general public rather than relying on victims giving in to ransom demands. Organizations dealing with inflammatory or sensational information should therefore consider how they would respond if an attacker opts for this course of action.
Rick Holland, CISO and Head of the Photon Research Team at Digital Shadows, comments: “The research shows that cybercriminal groups are increasing their targeting of high net worth individuals and/or those that hold positions of power within companies. Many threat actor groups are actively on the recruit for members to collaborate with and to help them scale their operations.”
Holland continues: “Widespread and opportunistic extortion campaigns are also lucrative. The social engineering aspects of these emails prey upon the recipients and entice them into paying the extortion amount. Unfortunately, our analysis of a select number of the campaigns shows us the criminals have amassed over $300,000. Education and minimizing your personal and professional online exposure are essential for thwarting extortionists’ goals. Since the lines between our personal and professional lives are so blurred, firms should educate their staff and tell them never to pay out a sextortion request.”
Digital Shadows advises the following to reduce the risk of extortion:
To learn more about the issue of extortion please view the following assets:
The full research: A Tale of Epic Extortions: How Cybercriminals Monetize Our Online Exposure
A blog post: Extortion exposed: Sextortion, thedarkoverlord, and SamSam
ABOUT DIGITAL SHADOWS
Digital Shadows minimizes digital risk by identifying unwanted exposure and protecting against external threats. Organizations can suffer regulatory fines, loss of intellectual property, and reputational damage when digital risk is left unmanaged. Digital Shadows SearchLight™ helps you minimize these risks by detecting data loss, securing your online brand, and reducing your attack surface. To learn more and get free access to SearchLight, visit www.digitalshadows.com.