New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


New Sextortion Scams Imitates CIA Emails

Sextortion emails have become more and more common, and the newest one is pretending to be the CIA. The email that is in circulations has a subject line which is similar to one saying, “Central intelligence Agency- Case #XXXXXXX,” where the x’s are replaced with a random string of numbers. The contents of the email inform the targeted individual that they have been caught watching pornography that is related to children. The email states that the CIA has personal details that allows them to know the victim’s identity and location. Furthermore, the person sending the email claims that they know that the victim is a “wealthy person who may be concerned about reputation.” The email will then offer the victim the chance to buy his way out of trouble before they start arresting people included in this case. The attacker is requesting that $10,000 dollars be transferred to them via bitcoin (approximately 2.52 BTC at the time of writing). Once the payment is made, the requester assures that the files relating to the targeted individual “will be taken care of.” The emails have been coming from a slew of different email addresses all with different names and @domains.

Analyst Notes

Emails like these have been around for a while, trying to use the fear factor and prey on victims that believe that they could be in real trouble. If one of these emails is received, the targeted individual should delete the email. If the email is received at a work address, the individual should contact the appropriate person so that the email address can be blocked from sending any more emails into the network. These emails are scams and no money should be transferred when an email like this is seen.