Blackmail Emails Are Being Sent to the Workplace

Blackmail emails that were previously sent only to personal accounts are now being sent to business accounts. Find out what the emails are saying so you can be prepared in case you receive one.

In 2018, people were receiving emails in their personal accounts that tried to blackmail them into paying a ransom. People are now reporting that they are receiving similar emails at work.

In the emails, the blackmailers state they have evidence that the recipient has viewed a video on a pornography website because they hacked into the recipient’s computer. Specifically, they claim to have recorded what the recipient was watching and doing while viewing the video by using the device’s screen-capturing capabilities and webcam. The blackmailers then threaten to send the recording to everyone in the recipient’s email and social-media contact lists if the person does not pay the specified ransom.

The Blackmail Emails Are Actually Phishing Scams

The blackmail emails that people have been receiving at work and at home are actually phishing attacks being sent out by cybercriminals. The emails contain several classic signs of phishing scams:

• Generic greeting. The emails do not include the recipients’ names in the salutation. Instead, they use a generic greeting such as “Good Morning my friend” or no greeting at all. In some cases, the recipient’s email address (or a shortened version of it) is used in the salutation.
• Generic content. The emails do not contain any specifics about the incidents that were supposedly recorded. For example, they do not mention which websites the recipients were supposedly visiting when the recordings were made.
• A sense of urgency and fear. To get people to fall for the scam, the emails try to create a sense of urgency and fear by first letting the recipients know that compromising recordings have been made and then telling them the recordings will be shared with their coworkers, friends, and family if the ransom is not paid.
• Misspellings and grammatical errors. The emails contain misspellings and grammatical errors.

In some of the blackmail emails, the cybercriminals have been including a password that the recipient currently uses or has used in the past as “proof” they have hacked the person’s computer. However, email address-password pairs are often stolen in data breaches and can be easily purchased on the dark web. So, although alarming, the inclusion of a password does not prove the recipient’s computer has been compromised.

What to Do If You Receive This Phishing Email

If you receive a phishing email like this (or any other type of phishing email), here is what you should and shouldn’t do:

• Do not panic or respond to the email.
• Do not open any email attachments. In one instance, a blackmail email included an attachment. Opening an attachment could lead to spyware or another type of malware being installed on your computer.
• Do not click any links in the email. Although the blackmail emails thus far have not included links, cybercriminals continually change their attack methods. Clicking a link could lead to malware being installed on your computer.
• Follow company policy on how to deal with phishing emails if you receive one at work (e.g., forward it to the IT help desk, simply delete it).
• Change your password if necessary. If the email includes a password that you currently use, change that password. If you used the password for multiple accounts, be sure to change each instance to a unique, strong password.

Scan your device for malware using your device’s security software as a precaution.