A new email scam that displays photos of homes is trying to trick people into sending money or Bitcoin. Vector Inspiration via Getty Images
An email from an unknown sender arrives in your inbox containing a photo and address of your home, followed by a threatening text that says: “You have no idea what I’m capable of…I have footage of you doing embarrassing things inside your house (great setting, by the way)”
Sounds like a scene from a horror movie? In fact, this is one of the latest phishing scams.
Like many other email and text scams, this extortion scheme uses specific personal information to trick people into sending money. This email convinces people that the hacker knows more about them and that they need to pay or exchange Bitcoin to keep their information safe.
“I received a PDF via email that contained my address and a photo of my address, made outrageous claims about my private activities, and contained a video document captured from spyware on my computer. “There is,” said Jamie Becklund, the technology company’s chief product officer. APIContext told HuffPost. “The scammer threatened to release the video if I did not pay with Bitcoin.”
If you receive a similar email, you can take the following steps to determine if it’s a scam and protect yourself.
Check out images of houses and streets on Google Maps.
Many phishing emails often contain grammatical errors and poor formatting, which makes them easier to identify. However, this scam includes images of people’s homes and takes a newer, darker twist.
You may be asking yourself how exactly the scammer was able to determine your home address. Al Iverson, a cyber expert and industry research and community engagement leader at software company Valimail, says senders can find your address from past data breaches that exposed personal data and use your Google Maps photo to send emails. It is highly likely that he created it.
Becklund was able to confirm that it was a scam by comparing the images in the PDF to the Google Maps street view of his home. Most of the images in these scams are obtained from online sources, so people are advised to check if the images have been copied from the internet. If so, it’s clearly not legal.
Check the email address to confirm its legitimacy.
Iverson recommended verifying the validity of the email address whenever you receive communication from an unknown user.
As an example, he said, “Check to see if the sender’s email domain matches the official organization’s website.”
“Also, if you use Gmail, look for (view original message) and check the results for SPF, DKIM, and DMARC.” A way to verify an email sender’s domain to prevent email security risks. To do this, click the three-dot hamburger menu in the top right corner of the email, then click (Show original).
“Ideally, all three should pass the certification check,” Iverson said. This means that you will see “PASS” next to all three options.
Scammers have become very sophisticated at masking domains. So be wary of “similar” domains with slightly different spellings. According to Iverson, if something seems too good (or too bad) to be true, it probably is.
Another thing to be aware of is whether the scammer sends the message “from” your email address. In many cases, they simply disguise your email address in the “From” address header.
“These scammers don’t have the time or ability to actually hack your email account. They haven’t found a secret treasure trove of compromising photos. They’re trying to scare unsuspecting people. They’re just trying to get people to cough up money (or Bitcoin),” Iverson added.
Avoid clicking on unfamiliar links, especially those related to payments.
If an email appears to be legitimate, you may accidentally click on a link in the email for more information. Zarik Megerdisyan, founder of Loop8, a company that protects personal data and privacy from data breaches and hackers, strongly warns against this.
“Always be wary if you are asked to click a link in an email,” Megerdisian says. “Bitcoin transactions, like many other popular payment methods, including Cash App and Zelle, are irreversible.”
In addition, fraudulent activity requesting compensation must be reported to the Federal Trade Commission online or by telephone. Megardian also said that if a hacker obtains your financial details, keep a close eye on your bank account, dispute any fraudulent charges with your bank, cancel your card, and preemptively stop future charges. I pointed out that it was necessary.
Update and change your password.
We also strongly recommend changing all passwords if you come across an elaborate scam.
According to Yashin Manraj, CEO of Pvotal Technologies, a company that builds secure technology infrastructure for enterprises, it’s important to protect your data immediately if you suspect it has been compromised.
“Use a new email address if possible, move important financial and utility bills to that address, and then begin reporting the incident to local police or the FBI to avoid public embarrassment in case of emergency.” Please make the families aware that they may be exposing themselves. They have managed to steal some dangerous data,” Manraj said.
Don’t engage with scammers.
You may be tempted to respond to emails (especially those that seem very real) to negotiate with the scammer. However, Manraj recommends that you disengage and ignore these emails, as responding to them can actually add them to your call logs and target database, making you vulnerable to further attacks. is recommended.
We also recommend connecting to the Internet using a VPN and isolating your home network through separate Wi-Fi or a router. Most importantly, don’t ask for specific help in public forums, especially if you want to upload logs or error messages.
“Be especially careful when using virtual numbers or password managers on unpopular websites to avoid reusing personally identifying information that could be used to access sensitive financial services,” Manraj said. he explained.
Finally, be careful what data you share in the future.
Users need to remember that data is a commodity and that today’s businesses collect far too much information (often more information than is needed to complete the transaction at hand). there is. When signing up for a new website or downloading an app, Megerdichian suggests avoiding oversharing.
“Always ask yourself, do they really need to know? It’s up to consumers to be proactive about their personal data,” Megerdisian said.
