[iwar] Cyber Blackmail Wave Targets Office Workers

From: Fred Cohen <fc@all.net>
Date: Mon Dec 29 2003 - 11:53:02 PST

Cyber Blackmail Wave Targets Office Workers
Mon December 29, 2003 07:21 AM ET

By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - Cyber blackmail artists are shaking down office
workers, threatening to delete computer files or install pornographic
images on their work PCs unless they pay a ransom, police and security
experts said.

The extortion scam, which is believed to have surfaced one year ago,
indiscriminately targets anyone on the corporate ladder with a PC
connected to the Internet.

It usually starts with a threatening e-mail in which the author claims
to have the power to take over a worker's computer through an exploit in
the corporate network, experts said.

The e-mail typically contains a demand that unless a small fee is paid
-- at first no more than $20 or $30 -- they will attack the PC with a
file-wiping program or download onto the machine images of child
pornography.

"They prey on the nice secretary who wouldn't do anything wrong. When
she gets one of these e-mails she thinks 'Oh, my goodness what am I
going to do?' So she puts it on her credit card and transfers the funds
to the (suspect's online bank) account and hopes it goes away," a
British detective specializing in cyber-crime told Reuters.

The officer advised against cooperating with the fraudsters. "If a
person pays up, say it's just 20 euros, then they have identified a soft
target. They may come back for more, next time demanding more money."

HARD CRIME TO CRACK

In the annals of cyber-crime, investigators acknowledge the racket is
one of the most difficult to crack. Because the ransom is small, people
tend to pay up and keep quiet.

Police said the number of cases is tailing off but because it so often
goes unreported, there is little evidence the crime is actually in
decline.

According to Finnish computer security firm, F-Secure, a large
Scandinavian university was hit earlier this month.

Several university officials received an e-mail from a fraudster who
appeared to be based in Estonia, said F-Secure research manager Mikko
Hypponen.

The e-mail said several security vulnerabilities had been detected on
the university's network and that unless the e-mail recipient
transferred 20 euros ($25) to the author's online bank account, he would
release a series of viruses capable of deleting a host of computer
files.

Hypponen said he advised the university to take the necessary
precautions, alert police and not pay. "A lot of these cases are simply
bluffing. But I'm sure there are both bluffs and actual cases," said
Hypponen.

Police say crime gangs have turned cyber extortion into a tidy business
of late.

A preferred tool is the crude, but effective denial-of-service attack on
a company's network, capable of crippling it with an overwhelming flood
of data.

There are scores of cases of companies -- particularly small and
medium-sized firms -- receiving extortion threats that demand the victim
transfer money to the fraudster's bank account or the attacks will grow
in severity, police said.

Fraudsters also send out streams of menacing e-mails with hollow threats
of cyber sabotage. The scam works even if only a handful of the
countless recipients follow through and pay up.

"It's getting simpler," said Hypponen. "If you wanted to extort money
from a small company you would have had to hack them and convince them
you have stolen their information. Here, you don't have to do anything
but send an e-mail around."

-- This communication is confidential to the parties it is intended to serve --
Fred Cohen - http://all.net/ - fc@all.net - fc@unhca.com - tel/fax: 925-454-0171
Fred Cohen & Associates - University of New Haven - Security Posture

Received on Mon Dec 29 11:53:12 2003
