Threat Watch

Extortion Email Remerges

A new extortion email campaign has been seen on the rise according to researchers.  This new style delivers a bogus email that that has a subject line of, “Incident:(random characters)” and appears to be directed more to companies than individuals. The email states in the first sentence, “Forward this mail to whoever is important in your company and can make decision!” The email goes on to state that the victim’s devices have been hacked and if the company does not send them two Bitcoin (Approximately $10,000), they will notify the “Tax Department” of possible tax fraud, install WannaCry ransomware, and DDoS (Distributed Denial of Service) the company’s systems.  Currently, the Bitcoin wallet listed in the email has had zero extortion payments and will likely stay that way. These emails are attempting to scare companies and individuals to pay the extortion payment in an attempt to avoid embarrassment. One indicator of the false nature of these attacks is the extremely poor grammar and spelling used in the body of the email.

ANALYST NOTES

If a user receives this email or any other like it, do not pay the ransomed amount and notify the user’s network security department and law enforcement.