To avoid being caught by email filters, sextortion phishers find escape by pivoting away from bitcoin to alternative cryptocurrencies, ZDNEI reports.
Litecoin, in particular, has become the new reliable crypto coin for some sextortionists, as major email provides automatically flag suspicious emails that feature Bitcoin wallet addresses.
“As this latest twist shows, threat actors can switch to the next cryptocurrency [sic] and attempt to iterate through all the scam’s previous versions,” said phishing analysts Cofense.
Sextortion flavor of the month: Litecoin
For over a year, plagued inboxes have been reported due to sextortion phishing scams. Scammers have claimed that malwares infect recipients machines to record webcams and naughty browsing habits, demanding bitcoin in exchange for not leaking the data to the world.
To make things look more credible, they would often include sensitive information like email passwords, believed to have been sourced from any number of major online data leaks.
Not all cryptocurrencies are easily accessible from popular exchanges, Cofense explained. One reason why scammers have switched to Litecoin over any other cryptocurrencies.
Potential Victims would have to acquire the demanded cryptocurrency for the scam to work and Litecoin, fits that description.
Recent iterations of the scam have evolved in different ways. Instead of opting for PDF documents, which in some cases are encrypted, some have removed texts and images altogether.
Writing using very few searchable patterns have also been used by current scam versions, to again, avoid detection.
Its all fun and games until the real malware showed up
Based on Hard Fork’s report, “They told me I have very good taste in porn so i thought that was nice. ” an 84-year-old bagel loving lady said as she foiled a 1,400 sextortionist plot by simply ignoring emails.
One month later, however, ESET researchers discovered that a nasty strain of malware is capable of detecting pornography on screen and even automatically records webcam footage when found.
Dodgy email attachments are carriers of this particular malware, so avoiding suspicious emails is one easy way to defend against it.
Simply not replying to sextortion emails is still the best defence.