Scammers Pretend to be CIA to Extort $10K from Victims Allegedly Linked to Underage Pornography

Woburn, MA – June 7, 2019 –Kaspersky researchers have uncovered a sextortion scheme where scammers pretend to be a corrupt officer of the Central Intelligence Agency (CIA), demanding $10,000 in bitcoin from victims whose name they claim to have found in an investigation into online pedophiles. The spoof employee offers to delete all traces of the victim from the investigation in return for the payment.

Extortion schemes that threaten to expose the recipient’s interest in online pornography unless a ransom is paid are nothing new. In most cases, the messages draw on information gathered from earlier data breaches. The emails are often easy to identify by their poorly crafted nature and misspelled language. This sextortion email uncovered by Kaspersky experts differs in that it is carefully worded and designed, even carrying a copied CIA logo.

The email appears to come from a corrupt CIA agent involved in “Case #45361978,” “a large international operation set to arrest over 2,000 people suspected of pedophilia, in over 27 countries.” The note alleges that the victim’s contact details and those of their relatives, including the victim’s work address, are included in a list held by the operation. The fake CIA agent offers to remove all files relating to the victim in return for a payment of $10,000 in cryptocurrency. It is not known how many people have been affected by this scam.

“Messages like this can be terrifying for recipients,” said Tatyana Shcherbakova, security researcher at Kaspersky. “The fraudsters exploit the fact that mistakes happen in the digital world, and people’s names can and do end up in the wrong place. Innocent people might be prepared to pay up or to contact the attacker to avoid any potential damage to their reputation and relationships. Most such emails are fake, and the attackers are unlikely to hold the information or evidence they claim to have. The recipient is probably one of many thousands receiving such an email. Fortunately, there are signs you can look out for to spot a scam, and action you can take to protect yourself. Most of all, don’t panic, don’t respond and don’t pay up.”

Kaspersky researchers recommend that if you receive a threatening email message demanding money, the best thing to do is the following:

• Mark the message as ‘spam’ so the spam filter catches it next time, and then delete it immediately.
• Do not click on links in emails if they come from people or organizations you do not know, or those with suspicious or unusual addresses.
• Do not contact the attackers and do not attempt to pay. Responding will reveal that the email account is live, so you are likely to start receiving even more spam. Paying will mark you as someone worth coming back to for more money.
• Use a reliable security solution for comprehensive protection from a wide range of threats such as Kaspersky Security Cloud.

More details of this story can be found on Kaspersky Daily.

About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact
Sarah Kitsos