In a blog post Thursday, Trustwave detailed a new sextortion scam making the rounds. The blog explained that emails purporting to be from the Central Intelligence Agency are demanding ransom in the form of bitcoin. The emails, which include a ZIP attachment, claim that “because of the recipient’s supposed illegal activity, their personal information was compromised and the email sender managed to obtain it,” Trustwave explained. The emails then ask the recipient to view the attached “proof” and pay the ransom–or face arrest. Trustwave explained that the attachment contains a secure link to the evidence, which is hosted in SatoshiBox.com–a web-based platform where files can be bought or sold for bitcoin. “The seller must upload the file to the server, set its price in dollars, and provide the Bitcoin address where the profit will be sent,” Trustwave explained. “SatoshiBox will then provide the Bitcoin equivalent of the file’s price and generate a unique Bitcoin address in which the buyer must use. The file can be downloaded, and the seller will get his profit once the payment is done. The buyer has no way of previewing the content of the file other than purchasing it.” The current scam is asking for a $500 ransom on SatoshiBox. Trustwave also noted that while scammers are using SatoshiBox for this specific scam, there are other similar websites that allow for the same file purchase transactions.

Read More About
About
Kate Polit
Kate Polit
Kate Polit is MeriTalk's Assistant Copy & Production Editor covering the intersection of government and technology.
Tags