Digital extortion has long been one of the main cyberattacks affecting both companies and citizens. Attackers have become specialists in this technique, in which they make the victim believe that they hold sensitive, compromising information about them (videos, photographs or any other data) and threaten to make it public. If you don't pay, I publish your data: digital blackmail. How much do cybercriminals usually ask for? That is the question a team of researchers from Columbia University set out to answer in a study, which has put a figure on the demands: 90% of the attacks investigated demanded payments of less than $2,000.
The investigation examined 300,000 emails identified as blackmail scams over a year by Barracuda Networks' artificial intelligence-based detectors. The goal was to understand the financial infrastructure attackers use in extortion attacks.
These attacks threaten to reveal compromising information, such as photos, videos, or details of illegal online activities, unless the victim pays the attackers. Payment is usually requested in cryptocurrency, such as bitcoin.
Low-cost model
The Columbia team grouped the extortion emails based on the addresses of the bitcoin wallets used. They assumed that an attacker would use the same bitcoin wallet for all of his attacks, so one wallet would equal one attacker.
They discovered 3,000 unique bitcoin wallet addresses, of which 100 appear in 80% of emails. This suggests that a relatively small number of attackers are responsible for most extortion emails.
The team also analyzed the “sender” email field of each extortion email. They assumed that an attacker would use the same account for all emails distributed in a single attack, but could use a different account for other attacks. They discovered that 97% of sender accounts sent fewer than 10 attack emails each. In addition, 90% of the attacks demanded payments of less than $2,000 in bitcoin.
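The wallet and sender grouping described above, sketched in Python as an added example (not the Columbia researchers' code). The address regex, the function names and the sample emails are assumptions built for illustration; the regex matches address shape only and does not validate checksums.

```python
import re
from collections import Counter

# Address *shape* only (legacy Base58 1.../3... and bech32 bc1...); no checksum check.
BTC_RE = re.compile(
    r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")

def wallet_hits(emails):
    """Return [(sender, {wallets})] for emails whose body contains an address."""
    hits = []
    for sender, body in emails:
        found = set(BTC_RE.findall(body))
        if found:
            hits.append((sender.strip().lower(), found))
    return hits

def wallet_counts(hits):
    """Emails per wallet; the study's assumption is one wallet = one attacker."""
    return Counter(w for _, found in hits for w in found)

def top_wallet_coverage(hits, n):
    """Share of extortion emails naming at least one of the n busiest wallets."""
    top = {w for w, _ in wallet_counts(hits).most_common(n)}
    return sum(1 for _, found in hits if found & top) / max(len(hits), 1)

def low_volume_sender_share(hits, threshold):
    """Share of sender accounts that sent fewer than `threshold` emails."""
    per_sender = Counter(sender for sender, _ in hits)
    low = sum(1 for c in per_sender.values() if c < threshold)
    return low / max(len(per_sender), 1)

# Constructed sample data: fake addresses and example.* senders.
W1, W2, W3 = "1" + "A" * 33, "3" + "B" * 33, "bc1q" + "z" * 38
SAMPLE = (
    [("a@example.com", f"Pay $900 to {W1} within 48 hours")] * 3
    + [("b@example.net", f"Send $1,500 in BTC: {W1}")] * 3
    + [("c@example.org", f"Wallet {W2}, you have two days")] * 2
    + [("d@example.com", f"Transfer to {W3}.")]
    + [("e@example.com", "Quarterly report attached")]  # no wallet: ignored
)

if __name__ == "__main__":
    hits = wallet_hits(SAMPLE)
    print(wallet_counts(hits).most_common())
    print(top_wallet_coverage(hits, 1), low_volume_sender_share(hits, 3))
```

Run over a real mail corpus, the same two ratios show whether a handful of wallets dominates the campaign while each sender account stays under volume-based detection thresholds.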
“Our analysis suggests that extortion scams are carried out by a relatively small number of perpetrators, each of which performs multiple small-scale attacks with moderate extortion demands,” says Asaf Cidon, an associate professor of electrical engineering at Columbia University. “These relatively modest sums make targets more likely to cooperate with extortion, and the relatively small number of emails per sender makes it easier for attackers to avoid detection by traditional security technologies and payment providers’ anti-fraud measures, thus avoiding alerting the police and the media, which could tip off potential victims of the scam.”
To avoid this type of scam, experts point to the need for large companies to invest in security models that can detect these emails before they arrive, while continuing to invest in cybersecurity awareness and training for users and employees, so that they learn to spot scams.