Webcam Scam Brings New Low To Email Phishing
By: Jim Stickley and Tina Davis
April 25, 2019
The summer of 2018 brought a new webcam extortion scam to light, taking webcam hacks to a new and frightening level. Email phishing is the tool leaving victims wishing they had never let their curiosity get the better of them. This time the webcam plot known as “sextortion” ran amok, demanding ransoms from victims in a get-rich-quick scheme. The emails threaten to expose stolen webcam footage of recipients in compromising positions. Hackers demand a bitcoin ransom to keep it from being sent to one’s list of contacts, also stolen. The real truth is both threats may be totally false, but knowing the threat exists is enough to get some victims to pay up. Although webcam hacks are nothing new, this extortion plot represents a new low for all involved, and it’s morphing into new webcam attacks.
Webcam hacks are a very real and unsettling prospect. The thought of a hacker taking over your webcam and watching from afar is disturbing. Hackers use a RAT (Remote Access Trojan) that takes over your device and turns the webcam on and off without you knowing it. RAT malware is typically installed by inviting users to click on a link in emails, social media sites, or even in text messages. Once RAT is loaded, even the webcam indicator light can be turned off further insuring the subject has no idea they’re being spied upon. Hackers sell the content on the dark web for a modest profit, but ultimately the victim is the one paying the real price.
Other webcam woes include keylogging, which literally steals the keystrokes as you’re entering them on a keyboard, leaving a lot of passwords and other sensitive data hijacked in real time. Hackers also easily get ahold of old passwords and other personal data stolen in the many breaches we’re all too familiar with. By using that data so easily found on the dark web, it lends a level of credibility to email extortion threats, especially those involving webcam spying.
There are safety precautions for users that can limit exposure to webcam threats like sextortion and keylogging. If you’re already dragged into one of these hacks, not paying a ransom is always advised. Paying-up sends a message to hackers that the threat is working, enticing them to launch even more attacks. Practicing basic cybersecurity hygiene can stop, or at the very least minimize exposure to all kinds of hacks, including those of the webcam variety.
Always approach emails from unknown senders or those you’re not expecting with caution. Hackers are very big on scare tactics, but also hide malware in attachments posing as software updates or video players. Never click on those links until you thoroughly investigate them, even if it means calling the sender to verify it’s legitimate. Running anti-malware software on a device helps find spying and other malware you had no idea was there. Always apply verified software updates as soon as they are available, as most have security patches aimed at keeping your device safe. In a world of scary cyberthreats, starring in a webcam reality show is one you can absolutely do without.