According to reports, there has been at least one incident in which the attacker appeared to legitimately compromise a system. The victim received an extortion email similar to the above, except containing a current password and requesting a Bitcoin payment of $2,000 within 24 hours. After the 24 hours had lapsed, the attacker sent the victim a second message containing a transcript of a phone conversation the victim had with a third party occurring after the extortion email was received.
It is critical to use a unique password, along with two-step verification/multi-factor authentication whenever possible, for each website login credential and to change passwords on regular intervals due to the increased likelihood that current and recycled passwords will eventually be compromised in a data breach.
The United States Secret Service advises against paying any requested demand in an extortion attempt.
If anyone has any information related to this alert, the GIOC can be contacted at GIOC@usss.dhs.gov.
Sources & Additional Resources:
- United States Secret Service
- COVID-19 Exploited by Malicious Cyber Actors. Alert (AA20-099A)
- Fact Sheet: DHS is Taking on COVID-19 Related Fraud
- Department of Justice Announces Disruption of Hundreds of Online COVID-19 Related Scams
- Threat actors exploiting the novel corona virus epidemic
- Remote Cyber Security Solutions Suite
- COVID‐19 Cyber Threat Coalition – USSS Information Alert
- Cyber Emergency Response – Incident Response Retainer
Is your company hit by a Cyber Crime? Contact LIFARS today for 24/7 help, more information and guidance!