CIA sextortion campaign, analysis of a well-organized scam

Pierluigi Paganini June 10, 2019

Crooks are posing as CIA agents in a sextortion campaign, sending emails that inform the victims of an investigation into online pedophilia rings.

Crooks are posing as CIA agents in a new sextortion campaign. They are sending emails to inform potential victims of an ongoing investigation into online pedophilia rings.

According to experts at Kaspersky, the fraudsters are offering to drop the investigations into the victims in exchange for money.

“The author of the e-mails that caught our experts’ collective eye poses as a CIA officer who has allegedly found the recipient’s details in Case #45361978 (relating to possession and distribution of child pornography, or so it seems).” reads a post published by Kaspersky. “The “officer” states that the CIA is about to swoop in on more than 2,000 individuals suspected of pedophilia in 27 countries around the globe. The message implies that the recipient is accused of being one of them.”

Crooks claim they are conducting a “large international operation set to arrest more than 2000 individuals in 27 countries.”

To scare people and trick them into paying, the fraudsters claim to have collected evidence of the illegal activities. They tell the victims that they have the mark’s home and work addresses and contact information, and they also claim to have recorded each recipient’s ISP and browsing history, social media activity, chat logs, and Tor browsing activity.

The fake CIA agents are offering to drop the investigation and destroy the evidence for a $10,000 Bitcoin payout.

“I read the documentation and I know you are a wealthy person who may be concerned about reputation,” reads the scam email message sent to the victims. “I am one of several people who have access to those documents and I have enough security clearance to amend and remove your details from this case.”

Sextortion campaigns are not a novelty in the threat landscape. In most cases, victims fear the reputational damage they would suffer if hackers exposed their immoral habits to friends and colleagues.

The messages used in the “CIA” sextortion campaign are well written and have a good layout, so they appear authentic.

“Such messages are sent to thousands or even millions of people in the hope that just a handful will swallow the bait,” explained Kaspersky senior anti-spam analyst Tatyana Scherbakova.

“Given the size of the ransom, if even a few victims pay up, it will have been worth the cybercriminals’ time and effort.”

Below are the recommendations provided by Kaspersky:

  • Never pay scammers; that would only encourage the extortionists even more.
  • Do not respond to the e-mail, even if you really want to prove to the author that your name is in the “case file” by mistake. By doing so, you would be confirming that your address is valid and provoke an even greater wave of spam. For the same reason, do not try to troll the scammers.
  • Close the message and mark it as spam — this will help the spam filter to do its job better.

(SecurityAffairs – sextortion, scam)
