Written by: Jack Loomis, Cyber Security Specialist
Bitcoin is one of today’s most popular virtual currencies available for trade. We are seeing more and more eCommerce sites accepting this as a form of payment, and for good reason. Bitcoin is traded much like stocks on the stock market, where the value fluctuates based on the demand. While it’s not a new thing by any means in the tech world, we’re seeing it enter the mainstream more and more nowadays. One reason that some people like to use Bitcoin is that the trade of it is relatively anonymous. Traders will set up a virtual “wallet” that allows them to store their Bitcoin and trade it with others, or to cash it in to their financial institution. Because of the anonymity, malicious actors tend to use this as a form of payment for things such as ransomware or – in the case of this article – blackmail.
In this example, a user receives an email from a malicious actor that claims that they caught them doing some nefarious thing on their computer via webcam. The actor may even provide a password, which may actually be a password that you use! They claim that they will release this information – whether to a spouse or the public – unless a payment is made via Bitcoin. So, if you receive an email like this, what should you do? Here are a few tips:
- Don’t panic. It’s highly unlikely that the malicious actor has any real information about you. This may not always be the case, but most of the time someone looking to “out” someone for some form of gain would just do it. The first thing to keep in mind is don’t pay and also never respond to the email.
- If the sender of the email provided a password that you have used, or currently use, remember that this information was likely gained from previous password breaches that were found on the dark web. There are reports released on the dark web every day that contain hundreds, thousands, and even millions of passwords. This malicious actor likely grabbed one tied to your name, and included it as a scare tactic. However, it’s still good to change the password on any account that uses this password, and make sure to follow proper password policies to ensure that it’s unique and strong.
- After you’ve made sure your accounts’ passwords have been changed, simply delete the email. Once again, responding will not yield a good outcome. Whether the actor responds or not, it will not gain you anything. Mark the email as spam, move it to junk, or just get rid of it.
It’s important to always look out for scams such as this one, as this is just one of many possible examples. If you would like more information about cyber scams, or cyber security in general, please reach out to Southshore Managed IT Group at 219-226-3386. Click here to learn more about Bitcoin and how to protect your information.