In an era of Jeffrey Toobin and always-on webcams, scammers have launched a new grift that involves claiming that they have access to your naked Zoom videos.
Trust me: They don’t. But that doesn’t mean they won’t try to convince you otherwise.
Documented by antispam researchers at Bitdefender, the scam email begins innocuously enough: “Hello. This will grab your attention. You have used Zoom recently, like most of us during these bad COVID times and I have very unfortunate news for you.”
The scammers then go on to claim to have made a recording “where you work on yourself.” And they don’t mean they have video of you doing push-ups.
“Please dont blame me or yourself for this, I didn’t have any bad intentions,” the email continues. “I got very sick, lost my job, about to be evicted and have no money to survive. All of this because of the stupid virus. I’m sorry. I have no other choice.”
[referenced id=”1521315″ url=”https://gizmodo.com.au/2020/10/heres-how-to-avoid-accidentally-showing-your-genitals-to-your-colleagues-on-zoom/” thumb=”https://gizmodo.com.au/wp-content/uploads/2020/10/20/viuojfbsiyc7vregd0rg-300×169.jpg” title=”Here’s How to Avoid Accidentally Showing Your Genitals to Your Colleagues on Zoom” excerpt=”It’s happened to the best of us during this period of extended working from home: You’re minding your own business when suddenly a Zoom room full of your colleagues and/or business partners gets a non-consensual eyeful of unsecured loin. Accident or not, that’s really fucked up. It’s even possible that…”]
The email ends in a request for $US2,000 ($2,848) in bitcoin and includes a cryptocurrency address. It’s unclear if the hackers have received any payments. The scammers sent almost 250,000 emails to victims in the United States, according to Bitdefender. The attack began on October 20.
If you get this email, do not fear — the people sending these mails most likely don’t have video of you naked. Yes, Zoom has been a victim of hacks ranging from the annoying (zoombombing) to the truly dangerous (remote code execution), and security researchers at TrendMicro discovered Zoom downloaders from unofficial sources bundled with malware that would allow attackers to gain access to a victim’s webcam. But it’s unlikely these scammers are putting that much effort into this spam ploy. And if you’re still freaked out, you can always use a webcam cover.
The scammers close the email with similar aplomb.
“P.S. Don’t try to report this to the police,” they write. “Good luck! Don’t stress!”
[referenced id=”1236999″ url=”https://gizmodo.com.au/2020/08/this-ransomware-stole-us25-35-million-in-5-months/” thumb=”https://gizmodo.com.au/wp-content/uploads/2020/08/05/xpts6nwwp4jgsoqmmryt-300×200.jpg” title=”This Ransomware Stole $US35 ($50) Million in 5 Months” excerpt=”A ransomware variant called NetWalker is doing surprisingly well, even in this economy. The malware, which takes computers hostage and asks for a Bitcoin ransom, raked in $US25 ($36) ($US35 ($50)) million in the last five months, a solid haul for what amounts to a solid ransomware-as-a-service platform.”]
All kidding aside, most of these scams are not real and, except in the case of ransomware that has encrypted all of your hospital’s files, paying any sum to prevent blackmail is usually a bad idea.
That said, maybe close your laptop the next time you decide to Donald Duck it before a business call? It’s a best practice in today’s fast-paced online work environment and just good manners.