TAMPA BAY, Fla.— KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is seeing a new child porn blackmail-type phishing attack in the wild that people should take precautions against. It claims the Central Intelligence Agency (CIA) will bust users for possession of child pornography unless they pay $5,000. Only upon receipt of the money will the records be deleted from the user’s computer or internet cache.
Recent destructive malware and ransomware make the following scenario seems highly probable: If users don’t pay the ransom—but fearfully click on the provided link—bad guys put actual child pornography on the users’ machine, and/or stuff users’ search history with fake searches that could be prosecutable. Then the hackers will anonymously notify the FBI or other law enforcement of users’ involvement in child pornography. It’s a setup and the intent is to actually cause the person to get arrested and massively disrupt their organization at the same time.
“Apart from the very scary and expensive extortion, it also contains a malicious link,” said Stu Sjouwerman, CEO, KnowBe4. “We’re seeing a rise in this blackmail-type phishing…and it will become more serious. Unfortunately, technically this is not that difficult to do, and we see the potential that this type of attack could develop into highly targeted spear phishing attacks on CEOs, politicians, high-net-worth individuals, celebrities, etc. This could absolutely ruin someone’s life.”
According to the latest Microsoft Security Intelligence Report, phishing attacks are now by far the most frequent threat to the cyber landscape, increasing a massive 250 percent since the publication of the previous report. They analyzed over 470 billion and concluded that not only are phishing attacks much more frequent, but also significantly increased in sophistication in a short amount of time.
For more information on how to combat this type of phishing attack, visit www.knowbe4.com.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 24,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.
Number 96 on the list Inc. 500 of 2018, number 34 on 2018’s Deloitte’s Technology Fast 500, and 2nd place in Cybersecurity Ventures Cybersecurity 500, KnowBe4 is headquartered in Tampa Bay, Florida, with offices in England, the Netherlands, Germany.