The Null Device

Criminals are turning to blackmailing office employees; the criminals send mail to the employees, threatening to wipe their hard disks or install porn on their PCs unless the victims pay them a small sum. Unlike traditional e-extortion schemes, the perpetrators usually don't have to demonstrate their control of the victims' machines; among the millions of people spammed, they find one or two clueless people who accept their claims and pay the small sum demanded; which, of course, marks them out as a "sucker", and results in them being blackmailed for larger amounts.

"It's getting simpler," said Hypponen. "If you wanted to extort money from a small company you would have had to hack them and convince them you have stolen their information. Here, you don't have to do anything but send an e-mail around."

(via Techdirt)

¶ blackmail crime extortion social engineering 0

A Californian hospital recently found itself blackmailed by a third-world data-entry worker threatening to post patient records on the internet unless she was paid. The UCSF Medical Center did not know that the clerical work had been exported to Pakistan, as the records went through a chain of three subcontractors (each probably being the lowest bidder, chosen hourly, where a fraction of a cent can mean bankrupcy). Looks like someone along the line needs to tighten up their paramilitary death squads, err, industrial-relations practices. (via /.)

¶ blackmail outsourcing risks 0

Gibson's law applied to blackmail: Dutch blackmailer uses steganography to cover tracks, instructing victim to post bank card info encoded in a photograph in a fake car ad on an auction site. He then accessed the site through a US-based anonymiser. Mind you, the fact that the FBI nailed him in 24 hours nonetheless is somewhat thought-provoking. (via Techdirt)

¶ blackmail crime gibson's law steganography 0