CERT Issues an Advisory Warning Citizens about a New Email Extortion Campaign

The Indian Computer Emergency Response Team recently warned citizens about a new email extortion campaign scaring email recipients into thinking they’ve been hacked and their personal information withheld unless payment is made through bitcoin.
In view of this, Adam Palmer, Chief Security Strategist at Tenable said, “Phishing emails that are intended to scare email recipients into believing that a bad actor holds personal information about them are one of the oldest “tricks in the book”.
However, these types of attacks still have the potential to threaten a corporate environment if a bad actor attempts to extort data about an organization from an employee or infect a network with malicious links in the phishing message.   The good news is that typically, the malware delivered by phishing messages will try to exploit well-known common vulnerabilities. Criminals like easy ‘low hanging fruit’, he added.
He further added, “The best way for an organization to defend against this type of attack, in addition to user awareness, is to practice good cyber hygiene – such as by identifying critical risks and patching systems with common vulnerabilities favored by criminals, blocking malicious sites and IP addresses, enforcing multi-factor authentication and using encryption for sensitive data. These recommendations make it far harder for criminals to be successful.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here