Cybersecurity researchers and the media are warning website owners and administrators not to fall for the latest high-profile scam campaign that threatens to leak sensitive website data, blacklist it for spam and damage its reputation.
Beeping Computer has reported that a new phishing email is circulating, targeting site owners and administrators around the world.
In the email, the sender claims to have “hacked” the recipient’s website and stolen confidential content there. To avoid data leakage (or sale) online, the attacker requests $2,500 deposit into a Bitcoin wallet.
Paying the demand
Essentially, recipients are being threatened by a nonexistent ransomware attack that has allegedly already targeted their system.
The attacker also threatens to send messages to business partners, suppliers and customers and that all links to the site that are classified in search engines will be “indexed”, which according to the email is possible “based on blackhat my technique [have] used in the past to de-index our targets.”
The broadcaster also threatens to be put on “every blacklist in the country”. While this threat is vague, it is intended to instill fear. The email obviously contains two bitcoin addresses where victims are directed to make payments.
One of the addresses has not sent or received any bitcoins since its establishment, but the other has received one payment of $2,500, suggesting either someone has been scammed or the scammers themselves are trying to conquer the business.
Known as phishing emails, these emails can be scary, especially for less tech-savvy business owners, but they’re basically bluffs. So it’s important for users to question every email they receive and not take anything they see at face value.
Instead of rushing to pay, recipients would be better off marking the email as spam and deleting it, and flagging the bitcoin address in the Bitcoin Abuse Database.
