A class of extortion scam known as the “Belarus Phishing Expedition” has reared its head in South Africa.
It attempts to trick people into paying money to prevent embarrassing information about them appearing online.
The scam relies on a con artist tricking you into believing that they have compromising information about you, and that they will send it to your friends and family unless you pay them.
The scammer also includes your name and a password for one of your online accounts in the subject line of the extortion email.
In one example, a con artist will tell you they used malware which remotely enabled your computer’s webcam, and that they recorded you masturbating to pornography.
They also claim to have access to all your contacts, and will send the video to everyone you know.
South Africans become targets
An expert in online scams in South Africa, who requested to remain anonymous, told MyBroadband they have received several reports of these scams of late.
Until recently, this kind of shame scam had not been prevalent in South Africa.
“Obviously this does show that South Africa is also now on a target list,” he said.
“More South Africans will see such attempts. This extortion attempt is being spammed out massively to try and catch a hapless victim who may fall for it.”
One report received from South Africa involved a concerned husband whose wife got an email with her “bank password” contained in the subject line.
It turned out that the same password was used for a different online account which had been involved in a known leak.
After delivering a lecture on password re-use, the expert was able to assure the husband that his wife had not browsed the sites the scammers alleged they caught her on – and that he should not pay the extortion fee.
“This illustrates the danger of such an email arriving at your or your spouse’s email address. Yes, you know you are innocent, but does your spouse or partner know it?”
He added that the defence against this extortion is the same as for any other phishing attempt – ignore it.
Ashley Madison hacks
Kari-Anne Liebling from FireFly told MyBroadband that Scam Survivors also started seeing these phishing attempts shortly after the Ashley Madison hack.
“The first attempts were from Belarus and as such the term Belarus Phishing Expedition was coined,” said Liebling.
“Initially bespoke email-only domains were used to launch the phishing expeditions. After a few months, the scammers started signing these as $ui$ideBunnY squad – but this was dropped.”
Another potential identifier is that these people pretend to be hackers, usually from China or Russia.
“From the beginning of this year, the fraudsters started using spoofed emails, meaning you can’t reply to them, leaving the victim with only a bitcoin wallet and a short time to pay.”
“They’ve since changed to Outlook.com email addresses. The latest development is to use leaked passwords, publicly-available, to convince the target they have been hacked.”