‘Bomb Threat’ Scam Update

If you were the recipient of last Thursday/Friday’s ‘bomb scare’ spam campaign, here’s some more info and an update on who was responsible.

This scam blasted out thousands of email messages claiming the recipient’s building would blow up unless they sent $20,000 in Bitcoin.

Work by researchers at Cisco’s Talos report that this latest batch of email messages is very similar in composition, a demand for Bitcoin payoff, and the IP addresses used with a previous scam – the so-called ‘sextortion’ scam. If you don’t recall, that was the one where the bad guys claimed to have installed malware on the victim’s computer  and unless money was sent, compromising videos would be leaked. Of course, those videos didn’t exist and there was no malware.

The good news – it doesn’t appear that the cybercriminals are being very successful with this latest scam. Only two small transactions have been made to the Bitcoin payoff address with both of those on the day the email went out.

The attackers response to their failure? Yet another try, this time with a threat to scare people into paying them money by threatening an acid attack.

What should you do when you get one of these types of threats? Don’t pay any ransom demanded by unsolicited email but promptly report all threats to your IT and business administrators and/or contact your local police department. 

Everyone stay safe out there!

Author: Glenn Mores

President & CEO MicroData