Hackers issue threats and appear to have passwords to users' social media accounts
Phishing scam 'webcam' warning as UAE residents find themselves targets
Hackers are threatening to release video footage on the internet that was secretly taken on social media users’ webcams if they do not pay ransoms.
Victims say the phishing scam involves hackers demanding money, claiming to have used their targets’ passwords to install spying malware on their device.
They claim to have recorded footage of victims by activating their webcam when the owners visit certain websites.
One victim is Dubai businesswoman Selina Waterman-Smith, who warned others to watch out for emails requesting to download attachments that could compromise mobile devices and home computers.
“I received a rather nasty email this morning from someone saying they’d installed malware on my Mac, and had clips of me at home filmed without my consent,” Ms Waterman-Smith said.
“They said that unless I gave them money today, they would post the video clips to all of my contacts. Now obviously this sounds like nonsense but they also sent me one of my genuine passwords I use to log in to Facebook and stuff. Slightly worrying.”
Others said they had received similar emails and had put tape over the webcams on their computers to avoid snooping.
Facebook founder Mark Zuckerberg has in the past posted a photo of his office, showing his laptop and microphone jack clearly taped up.
This week, Britain’s Daily Mirror reported a similar scam, and said internet users visiting pornographic sites were specifically being targeted. Hackers threatened to send evidence to “all of your contacts including relatives and co-workers”, according to one threat.
Tech news site Ars Technica said sites and forums were available online containing threads full of people comparing and trading images of “slaves”, people whose computers had been taken over.
Hackers use a remote administration tool to gain access to webcams, files and microphones.
The “ratters” then show the victim that they have control of their computer by accessing certain websites.
Security experts claim Apple Macs are harder to break than most Windows laptops, because the light next to the Mac’s webcam is controlled deep in hardware and is difficult to activate without turning on a warning light.
Threatening emails are usually semi-automated, with cyber criminals creating script based on usernames and passwords from previous data breaches. Every victim receives the same email at the address used to sign up to the hacked site.
Success rates of email scams are extremely low, as most messages are intercepted by anti-spam filters and security software.
Poorly written English in emails, unusual formatting or an email address that doesn’t match the address book contact are all indicators of a phishing scam, cyber-security experts have said.
Etisalat and du have launched campaigns alerting consumers about fraudsters after an increase in the number of reported cases of mobile scams this year.
Security tips publicised by both companies warn that customers should not provide personal banking information, Pin numbers, Simcard or passport details over the phone.
“Cyber awareness and training is critical,” said Eddie Schwartz, executive vice president of Cyber Services at DarkMatter.
“Well-meaning employees can sometimes be tricked into opening malware-ridden email attachments, or lured by phishing scams. It’s important that cyber resilience is embedded throughout organisations in all sectors.”