Connect with us

Opinion

The evolving threat posed by sextortion scammers

Published

on

threat posed by sextortion scammers

Despite the launch of numerous campaigns to raise awareness of the crime, sextortion scams are on the rise. Back in June, a report from the FBI revealed that complaints relating to extortion increased by 242% to 51,146 in the US last year, with total losses of $83 million, and that the majority of these were part of sextortion campaigns. In the UK, Britain’s National Crime Agency (NCA) warned in 2018 that cases of sextortion reported to police across the country  had risen more than three-fold between 2015 and 2017, noting that it is difficult to arrive at an accurate estimate of how widespread the crime truly is on account of the fact that many victims are too embarrassed to report their experiences to the police.

Sextortion scams typically involve cyber criminals coercing a victim into performing sex acts in front of a webcam and then blackmailing them with the resultant video footage. Scammers will oftentimes threaten to post compromising images and film on public websites or social media platforms, or email it to friends and relatives of the people they target. In many cases, sextortion scams are perpetrated by organised criminal networks that run indusial-scale operations in countries such as the Philippines, where perpetrators can exploit relatively lax local laws and stay largely beyond the reach of law enforcement agencies in the countries in which they target victims. Traditionally, scammers target victims on social media and other online platforms using false identities on the premise they are looking for sex. More recently however, new forms of sextortion scams have been emerging.

These days, it has become commonplace for sextortion scammers to send out phishing emails without having obtained compromising images or film of potential victims beforehand. In these messages, scammers claim to have infected potential victims’ connected devices with malware that has allowed them to take control of their webcam. The scammers go on to claim they have subsequently captured footage of potential victims viewing adult content online, and that unless a ransom is paid in cryptocurrency, this will be distributed to their family and friends. According to cyber security firm Sophos, these types of massage should typically not be taken seriously unless they include evidence that the scammers do indeed possess the compromising material to which they refer. In August, phishing defence firm Cofense published a database of over 200 million compromised email accounts being targeted by a large sextortion scam in which cyber criminals used a “spray and pray” botnet to target potential victims.

In a more targeted variation of this scam, fraudsters use passwords belonging to potential victims compromised in previous data breaches to create the illusion they have more on the people they seek to extort than they do. One example email published by security expert Brian Krebs last year read: “I do know, [PASSWORD REDACTED], is your password. You do not know me and you are probably thinking why you are getting this e mail, correct? Well, actually, I placed a malware on the adult videos (pornography) website and do you know what, you visited this web site to experience fun (you know what I mean).”

But while the scammers behind these types of messages almost certainly do not have the compromising material they claim to possess, the scenario they describe looks likely to become all too real for some adult movie enthusiasts. Earlier this month, US enterprise security company Proofpoint revealed in its latest quarterly report that its researchers had discovered malware that genuinely does allow hackers to capture video from a victim’s webcam. The software, dubbed “PsiXBot”, works on devices running Microsoft’s Windows operating systems, and can be downloaded onto a victim’s computer without their knowledge via dodgy websites or music and video downloads. Once installed, the malware waits for a victim to use a pornography-related search term before activating their webcam and microphone before sending whatever is captured back to its controller.

Law enforcement agencies advise that victims of sextortion scammers never hand over a ransom, even when there is evidence that fraudsters really are in possession of compromising material. Once one payment is made, police say, fraudsters will almost invariably keep coming back for more, and will be highly unlikely to delete any material they do hold. Both the FBI and the NCA have published  advice on what victims should do if they fall victim to a sextortion scam, but in most cases it proves all but impossible to track down perpetrators when cases are reported. While it is of course advisable to make sure that your virus protection software is up to date, with the emergence of malicious software such as PsiXBot, the only real way to stay safe from sextortion scammers is to never do anything in front of a webcam that you would not feel comfortable doing in front of your mother.

Continue Reading

Opinion

How America’s methamphetamine crackdown enriched Mexican drug cartels and made the country’s problem with the drug worse

Published

on

America’s methamphetamine crackdown enriched Mexican drug cartels

Up until 2006, the overwhelming majority of methamphetamine consumed in the US was manufactured in domestic labs scattered across the country. Then, at what came to be considered the peak of the country’s meth use epidemic, new legislation was introduced that made it much more difficult for producers of the drug to get hold of the ingredients required to make it. The 2005 Combat Methamphetamine Epidemic Act included much stricter controls on the sale of ephedrine, pseudoephedrine and phenylpropanolamine, and resulted in a sharp fall in the amount of meth produced in the US.

Thanks to the introduction of laws such as these and numerous crackdowns on US methamphetamine manufacturers launched by the Drug Enforcement Administration (DEA), domestic production of the substance was almost eradicated during the latter part of the mid-2000s, save for small time producers using the highly dangerous so-called “shake-and-bake”. But rather than ending the country’s problem with the drug, these developments opened a huge opportunity for Mexican trafficking cartels, which have over the intervening years more than plugged the gap left in the market.

While the Combat Methamphetamine Epidemic Act did result in a fall in the number of meth users and hospital admissions related to use of the drug in the immediate aftermath of its introduction, the emergence of Mexican labs turning out huge quantities of what has come to be referred to as “super meth” soon began to reverse any gains. Having fallen to a low of 314,000 in 2008, the number of American’s using methamphetamine in 2018, the most recent year for which data is available, rose to 1.9 million, according to the 2018 National Survey on Drug Use and Health. This was equivalent to a rise from 0.1% of the US population to 0.7%. Experts agree that the drug’s extraordinary comeback is being driven almost exclusively by Mexican cartels skilful exploitation of US efforts to end domestic production of methamphetamine.

Unlike what was being produced in domestic labs, the meth coining into the US from Mexico is typically close to 100% pure and can cost as little as $5 a hit. The price of the drug has plummeted over recent years thanks to the sheer volumes the cartels are bringing into America, making it even more attractive to addicts looking to get as a long a high as possible for their money. In July of last year, federal drug data seen by NPR revealed that seizures of meth by US law enforcement agencies rose 142% between 2017 and 2018.

In November of last year, acting US Customs & Border Protection Commissioner Mark Morgan warned that super labs in Mexico were flooding America with ever cheaper and purer forms of meth. During a White House press briefing, Morgan said: “The illicit narcotics the transnational criminal organisations are flooding the US with are making their way to every town, city, and state in this country.  It isn’t just a border issue. Make no mistake: If your city, town, or state has a meth problem, it came from the southwest border.”

Away from National Survey on Drug Use and Health data, other indicators suggest super meth is beginning to take its toll on users. At the end of January, the US Centres for Disease Control and Prevention revealed that between 2012 and 2018, the rate of drug overdose deaths involving psychostimulants such as methamphetamine increased nearly five-fold. Separately, a study published by Millennium Health in the JAMA Network journal this January revealed that use of methamphetamine is rocketing across the US, with the number of urine samples testing positive for the drug rising from about 1.4% in 2013 to around 8.4% last year. The findings of the study suggested that “methamphetamine-related overdose deaths [especially] may continue to increase”.

As part of its efforts to stem the flow of methamphetamine flooding into the country, the DEA last week launched Operation Crystal Shield, which will see the agency target major methamphetamine trafficking hubs in locations such as Atlanta, Dallas, El Paso, Houston, Los Angeles, New Orleans, Phoenix and the St Louis Division. The DEA said in a statement that these locations accounted for 75% of all methamphetamine seizures made in the US last year.

But with the Mexican cartels coming up with evermore ingenious methods of sneaking their products into the country, including bringing methamphetamine into the US in liquid form, the DEA will have its work cut out. While well intentioned, the mid-2000s crackdown on America’s methamphetamine crisis not only appears to have opened up an extremely lucrative new line of business for Mexican trafficking gangs, but may very well also have made the country’s already disastrous relationship with the drug much worse.

Continue Reading

Opinion

Islamist or far right, terrorist prisoners should remain behind bars if there is the slightest suspicion they could still pose a risk

Published

on

terrorist prisoners should remain behind bars

The British government last week very sensibly moved to make sure dangerous terrorist prisoners cannot be released halfway through their sentences to maim and murder innocent members of the public. In emergency legislation tabled in Parliament after two Islamists launched bloody attacks over the past few months having both been let out of jail early, UK government ministers sought to prevent extremists from being set free prior to serving at least two-thirds of their sentence. Even then, cases would need to be referred to the Parole Board for consideration before an inmate could be freed, according to the draft legislation. Under British law as it stands, terrorist suspects are automatically released from jail halfway through their sentences even if authorities believe they could still pose a threat.

The unveiling of the proposed new law prompted some commentators to complain that simply locking up terrorists and throwing away the key is no way to deal with radicalised individuals, as is often the case whenever stricter sentencing for these types of offences is floated as an idea. In reality though, while the suggested new measures may be a start, they go nowhere near far enough.

While the multiple terror attacks the UK endured throughout 2017 were not enough to force any meaningful change, one need only look at the events of the past few months to see how desperately reform of current legislation is needed. In November of last year, an Islamist extremist who had been let out of jail early after being convicted of plotting to launch attacks on several London landmarks stabbed two people to death while attending a conference on rehabilitating offenders in Fishmongers’ Hall near London Bridge.

If it were not for the bravery of members of the public, who tackled Usman Khan before armed police arrived on the scene and shot him dead, it is likely that many more victims would have lost their lives. Khan was handed an indeterminate prison sentence for “public protection” with a minimum jail term of eight years after he was convicted of a range of terrorist offences in 2012, including plotting an attack on the London Stock Exchange. Despite this, he was freed in December 2018, less than a year before he launched his deadly attack.

Just months later, another Islamist extremist stabbed two people in the London suburb of Streatham after being released halfway through a terror-related prison sentence just days earlier. Sudesh Amman was shot dead by a police officer who was part of team keeping him under surveillance due to worries about the danger he posed. Amman was set free after being jailed for possessing documents containing terrorist information and disseminating terrorist publications. If nothing else, the fact the 20-year-old jihadist was released from custody despite being considered so dangerous that he required police surveillance demonstrated just how wrong-headed current UK law is.

How can it be the case that a potentially violent extremist can be let out of prison when he is considered such a threat that he requires a team of detectives to monitor his movements? While it is of course a good thing that officers were on hand to neutralise Amman after he launched his attack, would it not have been better for all concerned if he was not been freed in the first place?

Over the approaching months, scores of convicted terrorists will be coming up for release in Britain, which is one of the reasons the UK government is so keen to push through its new legislation as soon as possible. But while the new law might buy ministers some breathing space by keeping dangerous extremists off the streets in the short term, all it effectively does is kick the problem into the long grass. Even if some extremists are forced to serve the whole of their tariff behind bars, there will be no guarantee they will not hold the same views that inspired their original crimes once they are eventually released from jail. This will be the case whether the offender of is an Islamist or a member of a far-right organisation, although the former group is by some margin a more worrying concern in the UK at present.

As such, the law must act accordingly. A system under which terrorists are handed determinate sentences is no longer fit for purpose, as has been demonstrated repeatedly not only in the UK but also elsewhere. Members of the public deserve to be protected from dangerous extremists, which means none should be allowed to walk the streets until any suspicion that they might pose a risk has been completely discounted. The long and short of the matter is that so long as those harbouring dangerous extremist attitudes are not allowed back on the streets, their chances of acting out their ideological impulses will be much diminished, and you and I will feel safer going  about our business without the fear of being stabbed in the neck by a convicted terrorist whose rightful place is behind bars.

Continue Reading

Opinion

How virtual credit card skimmers successfully target blue-chip firms that should have the resources to repel their attacks

Published

on

virtual credit card skimmers

Despite the banking industry’s best efforts and the launch of a multitude of awareness-raising campaigns by law enforcement agencies across the globe, criminals are still able to use ATM machine and point-of-sale (POS) payment system skimmers to harvest consumers’ credit card details with relative ease. In just the past few weeks, a French-Brazilian man was handed a suspended jail sentence in Australia after being convicted of using an ATM skimmer to fleece victims of tens of thousands of dollars, while police in numerous states across the US have reported increased incidents of credit card skimming devices being found attached to payment consoles at petrol station pumps.

If it were not bad enough that the makers of cash machines and POS devices appear to be completely unable to prevent a scam that now seems relatively low-tech in nature, hackers are increasingly turning to a virtual version of credit card skimming that targets information entered by buyers during the checkout process on ecommerce platforms.

Earlier this week, Interpol revealed that it had supported an operation that resulted in the arrest of three suspects in Indonesia who are alleged to have used digital skimming code to steal the personal credit card information of consumers using multiple ecommerce platforms. The international law enforcement agency said the three suspects went on to use the card details they stole to buy electrical equipment before selling it on at a profit.

In collaboration with online security firm Group-IB, Interpol also identified several servers associated with this type of crime and a number of infected websites in six countries in the ASEAN region. The results of the operation demonstrated the relative ease with which virtual credit card skimmers can be deployed, highlighting the fact that they can be difficult to detect and can be bought and deployed by hackers easily for as little as $250.

This type of cyber crime activity is often referred to as Magecart, an umbrella term coined to describe the act of using so-called JavaScript sniffer malware to target ecommerce websites built on the Magento platform. By maliciously injecting a simple yet effective code into such websites, Magecart hackers are able to steal consumers’ card details and personal information as they go through checkout pages at the end of the purchasing process.

Much in the same way as physical skimmers capture credit card information and PINs at ATM and POS machines, JavaScript sniffers record payment card details and personal information such as names, addresses and phone numbers and then send this on to servers controlled by the hackers behind the scam. As well as using this information to make purchases, cyber criminals can also put credit card details on sale in bulk on the dark web, or use the information they steal to commit identity fraud.

While consumers will more often than not get their money back if their credit card information is compromised by JavaScript sniffer malware, companies targeted in such scams can suffer lasting reputational damage, and can in some cases face fines for failing to protect their customers’ data. Despite the potential consequences, businesses that one would assume would have more than adequate resources to direct towards ensuring the security of their IT systems have fallen victim to Magecart-style attacks, including British Airways and Ticketmaster.

This comes down to the fact that JavaScript sniffer code can be so difficult to detect once it has been injected into a website. At the end of December, Malwarebytes security researcher Jérôme Segura explained in a blog post how JavaScript sniffer code can be hidden in such seemingly innocuous website components as wieldy-used boilerplate “free shipping”  image files. Segura noted that media files are good places for hackers to hide such code on account of the fact that most web crawlers and scanners concentrate on HTML and JavaScript files.

While it may seem strange to some observers that the banking industry and global law enforcement agencies have failed to neutralise the threat posed by physical credit card skimmers, the ease with which Magecart hackers can compromise companies’ IT systems makes the threat posed by JavaScript sniffers all the more pernicious. While the success of Interpol’s recent operation demonstrates that it is possible to identify and bring Magecart cyber criminals to justice, the fact that it can take as little as one line of code to compromise ecommerce platforms makes it very difficult to head off these types of attacks before they start producing results.

In March of last year, Group-IB revealed that Magecart malware that took the form of just one line of code had comprised more than 800 websites, including one run in the UK by apparel maker FILA. With finding such code being like searching for a needle in a haystack, it seems likely that Magecart attacks will live as long and happy a life as physical credit card skimming.

 

Continue Reading

Newsletter

Sign up for our mailing list to receive updates and information on events

Social Widget

Latest articles

Press review

Follow us on Twitter

Trending

Shares