Fraudsters targeting work email accounts to steal money, Barracuda study reveals

In a recent report, cybersecurity firm Barracuda has shed light on a concerning trend in which email fraudsters use multiple Bitcoin wallets to extort money from their victims. These scammers employ tactics that involve threatening to expose embarrassing or illicit material, targeting numerous work email accounts simultaneously, and demand moderate payments of around $1,000 USD in Bitcoin. By utilizing this approach, attackers can remain undetected and avoid raising alarm among potential victims, security teams, and payment systems.

Insights from Columbia University Research

Barracuda's findings are based on an analysis conducted by a team of researchers at Columbia University, who examined 300,000 emails flagged as blackmail scams over the course of 12 months. The primary objective was to gain insight into the financial infrastructure employed by extortion email perpetrators.

Extortion attacks typically involve threats to expose compromising personal information, such as explicit photos, videos, or details of illicit online activities, with the intention of coercing victims into making payments, often in cryptocurrency like Bitcoin. The research findings have been outlined in a comprehensive report called the Barracuda Threat Spotlight.

Concentrated wallet usage and attack patterns

The detection data provided valuable insights into the attack model. Notably, the analysis revealed that the attackers were utilizing a staggering 3,000 unique Bitcoin wallet addresses. However, it was observed that only 100 wallets were responsible for 80% of the extortion emails. This highlights the fact that a relatively small number of attackers were behind the majority of these malicious campaigns.

Furthermore, the researchers discovered that 97% of sender accounts associated with extortion emails sent fewer than 10 attack emails each. Additionally, 90% of the attacks demanded payments of less than $2,000 USD in Bitcoin.

Associate Professor of Electrical Engineering at Columbia University, Asaf Cidon, stated, "Our analysis suggests that extortion scams are implemented by a relatively small number of perpetrators, each firing off multiple small-scale attacks with moderate extortion demands. These relatively modest sums make it likelier the targets will cooperate with the extortion, and the relatively small number of emails per sender make it easier for attackers to evade detection by traditional security technologies and anti-fraud measures at payment providers and avoid arousing the attention of law enforcement and the media – which would alert potential victims to the scam."

Importance of addressing extortion attacks

Nishant Taneja, Senior Director of Product Marketing for Email Protection at Barracuda, stressed the importance of taking extortion attacks seriously, particularly when they target individuals through their work email accounts. Taneja highlighted the need for security teams to investigate how attackers gained access to the account details and whether they were compromised or stolen at some point. Such scenarios have significant security implications for both the targeted individual and the company they work for. The embarrassment and distress caused by these attacks often increase the likelihood of victims succumbing to the extortion demands.

To safeguard employees and organizations from extortion scams, security teams should consider investing in AI-powered email security solutions capable of detecting and blocking such malicious emails before they reach their intended recipients. Additionally, companies should prioritize employee training and implement security policies that discourage staff from using work email accounts to access third-party sites or store sensitive personal information on work devices.