Cyber data breach suspected as extortion emails on the rise

Cyber security agencies suspect a massive data breach has occurred over the last few days, enabling cyber criminals to obtain proof against citizens visiting pornographic websites and blackmail them.

According to the Maharashtra Cyber police, a rise has been observed in extortion emails received by people over the last few days.

“The victims receive their own account passwords or their browser history, which shows that they have accessed pornographic websites, in an email. The mails go on to demand large amounts of money in bitcoins in exchange for not making the details public. This has become rampant over the last few days and may be due to a data breach event,” Superintendent of Police Balsing Rajput, Maharashtra Cyber police, said.

Mr. Rajput said the data breach could be a result of any number of possibilities. “Often, cyber criminals install trackers on pornographic websites which creep into the browsers of the targets when they visit the websites. Once the trackers have access to the victims’ browsers, they can do anything that they are programmed to do, including capture login names and passwords of email or other accounts,” Mr. Rajput said.

Another possibility, according to an officer, is that passwords of a large number of targets, which were hacked earlier, have been sold in bulk to a gang specialising in cyber-extortion and are now being used to intimidate the victims into submission. The fact that the criminals have their passwords convinces the targets that the criminals have access to their browsing history as well, the officer said.

The issue, however, does not end here. As viewing pornographic material come with a stigma, victims of such extortion attempts prefer paying up rather than alerting the authorities. While the Maharashtra Cyber Department has been informally approached by a few people who received such emails, none of them were willing to register a complaint. The absence of clear data also becomes a hindrance in trying to detect the source of the breach, sources said.

Mr. Rajput said everyone should follow basic cyber hygiene to avoid falling prey to such scams. “One can go for a two-factor authentication while logging in to email accounts, which alerts the user every time there is an attempt to log in. All devices should have anti-virus software and should be scanned regularly. Any applications or programmes which are not downloaded by users should be deleted immediately.

This article is closed for comments.
Please Email the Editor

Printable version | May 12, 2021 5:37:39 AM |

Next Story