[ISN] Cyber blackmail wave targets office workers

From: InfoSec News (isn@private)
Date: Tue Dec 30 2003 - 07:31:35 PST

  • Next message: InfoSec News: "[ISN] Oh Dan Geer, where art thou?"

    http://www.computerworld.com/securitytopics/security/story/0,10801,88623,00.html
    
    By Bernhard Warner
    DECEMBER 29, 2003 
    REUTERS 
    
    Cyber blackmail artists are shaking down office workers, threatening
    to delete computer files or install pornographic images on their work
    PCs unless they pay a ransom, police and security experts said.  The
    extortion scam, which is believed to have surfaced one year ago,
    indiscriminately targets anyone on the corporate ladder with a PC
    connected to the Internet.
    
    It usually starts with a threatening e-mail in which the author claims 
    to have the power to take over a worker's computer through an exploit 
    in the corporate network, experts said. 
    
    The e-mail typically contains a demand that unless a small fee is paid 
    -- at first no more than $20 or $30 -- the fraudster will attack the 
    PC with a file-wiping program or download onto the machine images of 
    child pornography. 
    
    "They prey on the nice secretary who wouldn't do anything wrong. When 
    she gets one of these e-mails, she thinks 'Oh my goodness, what am I 
    going to do?' So she puts it on her credit card and transfers the 
    funds to the [suspect's online bank] account and hopes it goes away," 
    a British detective specializing in cybercrime told Reuters. 
    
    The officer advised against cooperating with the fraudsters. "If a 
    person pays up, say it's just 20 euros, then they have identified a 
    soft target. They may come back for more, next time demanding more 
    money." 
    
    Hard crime to crack 
    
    In the annals of cybercrime, investigators acknowledge that the racket 
    is one of the most difficult to crack. Because the ransom is small, 
    people tend to pay up and keep quiet. 
    
    Police said the number of cases is tailing off, but because it so 
    often goes unreported, there is little evidence that the crime is 
    actually in decline. 
    
    According to Finnish computer security firm F-Secure, a large 
    Scandinavian university was hit earlier this month. 
    
    Several university officials received an e-mail from a fraudster who 
    appeared to be based in Estonia, said F-Secure research manager Mikko 
    Hypponen. 
    
    The e-mail said that several security vulnerabilities had been 
    detected on the university's network and that unless the e-mail 
    recipient transferred 20 euros ($25) to the author's online bank 
    account, he would release a series of viruses capable of deleting a 
    host of computer files. 
    
    Hypponen said he advised the university to take the necessary 
    precautions, alert police and not pay. "A lot of these cases are 
    simply bluffing. But I'm sure there are both bluffs and actual cases," 
    said Hypponen. 
    
    Police say crime gangs have turned cyber extortion into a tidy 
    business of late. 
    
    A preferred tool is the crude, but effective, denial-of-service 
    attack, which is capable of crippling a company's network with an 
    overwhelming flood of data. 
    
    There are scores of cases of companies -- particularly small and 
    medium-size firms -- receiving extortion threats that demand that the 
    victim transfer money to the fraudster's bank account to keep the 
    attacks from growing in severity, police said. 
    
    Fraudsters also send out streams of menacing e-mails with hollow 
    threats of cyber sabotage. The scam works even if only a handful of 
    the countless recipients pay up. 
    
    "It's getting simpler," said Hypponen. "If you wanted to extort money 
    from a small company, you would have had to hack them and convince 
    them you have stolen their information. Here, you don't have to do 
    anything but send an e-mail around." 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Dec 30 2003 - 10:07:56 PST