SEXTORTION
The email scam that utilizes stolen passwords
WHAT IS SEXTORTION?
Sextortion emails are a type of cyber scam where a hacker or scammer claims to have compromising information about the recipient, such as nude photos or videos, and threatens to release the information unless the recipient pays a ransom. The scammer usually asks for payment in a cryptocurrency such as Bitcoin, although they may also demand payment via other methods such as wire transfers or gift cards. Sextortion emails can be sent as part of a larger phishing campaign that is designed to trick victims into giving up sensitive information. In some cases, the scammer may also attempt to install malware on the victim's computer or device in order to gain access to additional information.
98% of payments in Bitcoin
Bitcoin is the currency of choice for cybercriminals and has been used in approximately 98% of all ransomware payments.
$247k Average Demand
Based on the analysis of more than 700 attacks in 2021, experts estimated that the ransom demand averaged was $247,000.
10% of Spear-Phishing
Emails are Sextortion
Sextortion accounts for 1 in 10 spear-phishing emails, according to a report in Computer Weekly.
WHAT DOES SEXTORTION LOOK LIKE?
The fundamental elements involved in Sextortion email scams have been around for a number of years, aside from a more recent development - the inclusion stolen of a password used by the recipient in the subject line. This is designed to get the recipient’s attention.
The Threat
Scammers claim to have captured a photo or a video of the recipient accessing pornographic content and possibly engaged in masturbation.
Stolen Password
In an attempt to lend weight to the claim, the attacker will leverage a password used by the recipient, obtained in a previous data leak.
Payment Request
The ransom is asked for in cryptocurrency, usually Bitcoin. Amounts asked for vary, but are typically small enough to that the recipient may be tempted to pay for this to go away.
HOW DOES MESH PROTECT
AGAINST SEXTORTION?
Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.
Dynamic Content Scanning
Next Generation Spam Filtering - text and images in the message body are dynamically scanned for indicators of spam and nefarious intent, including evasive techniques such as the use of Cyrillic characters, empty white space, and the packing of email with excess content.
Contextual Banners
Informed employees are safer employees. Banners can be applied to emails warning of danger or advising caution, empowering employees to safely navigate their inbox. Banners are customizable.
Predictive Threat Intelligence
Knowing what regular email traffic looks like makes it easier to recognize anomalistic email. Mesh utilizes a combination of Passive DNS Sensors, Deep-Relationship Analysis, Neural Networks and other information sources to detect abnormalities.
The detection accuracy is excellent & for the price point, it's a no-brainer.
Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”
Chris Pottrell
CEO @ Nebula IT
Ready to get started?
Make your customers safer and
your MSP more efficient.
MSP Success Stories
Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.
Mesh is not for everyone
We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.