New Bomb Threat Email Scam Campaign Demanding $20K in Bitcoin
(Dec 13, 2018)
A new phishing email extortion campaign has been observed targeting a variety of people in the US. The email contained a bomb threat claiming that a device was in the building and demanded $20,000 USD in Bitcoin to prevent remote detonation of the bomb. A Twitter user under the name of "Defender" reported that there were over 15,000 incidents of these spam emails, which have apparently originated from Russia. The New York Police Department began investigating the bomb threats and has found them not to be credible thus far.
Recommendation: Whilst emails like this resort to intense fear-mongering, it is important to treat them with scrutiny. Immediately notify local law enforcement of the threat, but do not pay the ransom. Phishing emails represent a significant security risk because the sender's email will often appear legitimate to the target; sometimes a target company email account is compromised and used for such emails. Education is the best defence: inform your employees of what to expect from information requests made by their managers and colleagues. Employees should also know whom to contact when they suspect they are the target of a possible phishing attack.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.