New Sextortion Lures Victim With Supposed Nude Picture of Colleagues Girlfriend

Have you seen this one yet? Apparently scammers are not having great luck with generic sextortion scams so they are upping the game with amped-up social engineering tradecraft by appealing to your curiosity. The lure is a note saying that your colleague or friend’s computer was compromised and they didn’t pay up so they are sending out these pictures to everyone on his/her list for failure to comply. According to researchers, once the victim opens the malicious attachment they see a blurred image. The scammers then require you to enable the content to see the blurred image. Once you do that the payload runs a PowerShell script that downloads the Racoon info stealer. This is a nasty piece of malware. The stealer malware was designed to take screenshots, steal credentials, credit card information, desktop cryptocurrency wallets, and more. The Racoon stealer does not take skill to perpetrate as it is a Malware as a Service (MaaS) kit that can be purchased on hacker forums by lesser skilled bad guys for $75/wk or $200/month. A very low bar to entry. It is often delivered through exploit kits or phishing and often in tandem with the more common Docusign campaigns. You can read more here. Don’t fall for it. Think before you click.

Featured Webinars

Advanced Phishing and

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service