Hackers are coming after your most intimate data
Rather than just cashing in on stolen credit card data or social security numbers, cyber criminals are instead trying to steal some of your most personal online data for extortion. Think messages, pictures, even health information.
And because people willingly put so much information about themselves online, hackers have a lot of material to work with.
How hackers are turning your personal data against you
From dating apps to health tracking services, people in general are just putting more sensitive information about themselves on the internet.
But just because you choose to use an app or online service that collects sensitive data doesn't mean you want it shared with the rest of the world. Hackers are taking advantage of this and increasingly stealing this kind of information so that they use it for extortion.
For example, after the Ashley Madison breach in August, there were a number of reported incidents where scammers had collected personal information of those impacted by the data leak and then threatened to alert a user's family to their activity if they did not pay a certain amount of money.
According to at least one report, the Ashley Madison hack scammers may have earned about $6,400 in blackmail payouts from the leak.
"The Ashley Madison hack is incredibly interesting because you are taking this very intimate private data that people thought was private and now it's not. And that's pretty devastating," Caleb Barlow, vice president of IBM Security told Tech Insider. "It may be the breach that rings the bell and gets people to really think about what they share online."
Earlier this month, reports began to surface in New Zealand that some Skype users were also being blackmailed for their activity online. Users who had conducted "intimate activities" via video messages with strangers they met using the service were later told that they must pay up or the captured footage would be exposed.
Ransomware is becoming a hacker's favorite tool for extortion
One of the tools cyber criminals are using to get people to pay up is a special form of malware called ransomware.
Ransomware typically works by either holding a computer hostage or by blocking access to files by encrypting them. To regain access to a computer or files, hackers generally require the victim to pay a ransom of several hundred dollars to a few thousands dollars, usually in the form of Bitcoin.
But cyber criminals are experimenting with new ways of making ransomware more effective.
For example, on Tuesday researchers at the security firm Zscaler warned that a porn app called "Adult Player" was actually a malicious app that installed ransomware on the user's device and took compromising pictures of people why they watched porn. The Android app then locks the user's device, displays the image of the user and demands that the user pay $500 via PayPal before regaining access to their device.
The popularity of these new kinds of ransomware is only the rise, according to data from McAfee Labs.
In the second quarter of 2015, the security firm detected 58 percent more new ransomware samples than the first quarter of 2015.
And as more of our devices become connected to the internet, we can also expect to see new kinds of ransomware evolve, Etay Maor, a senior fraud prevention strategist at IBM, told Tech Insider.
"We are entering an era of really personal breaches. With so many connected devices, we are going to see a real shift. Consumers are going to get really hurt," Maor said.
Why? Because unlike when your bank account gets hacked and the bank reimburses you, hackers will begin to come directly after the consumer. For example, a hacker could use your home security camera to take take pictures of you and hold them hostage until a ransom is paid or they could use ransomware to freeze your connected car until you pay up.
How to protect yourself from online extortion
The most important thing anyone can do is be careful what they share online, Barlow said. Realize that any app or online service you use can be breached and all of that data can be published online.
Also, be careful where you place devices connected to the internet, as they can also collect sensitve information that can be used against you.
"The simple fact of the matter is, we are deploying sensors everywhere, there are cameras everywhere, there are microphones everywhere. Any place there is one of those input devices can be used in the wrong way. Everything can be hacked it's just a matter of how much time and effort it takes to do it," Barlow said.
To protect yourself from dangerous mobile ransomware, people should not download apps that are not from legitimate app stores. Also, be wary of email attachments and links in emails from people you don't know.
And in the case you do become a victim of some form of online blackmail, the best thing you can do is alert law enforcement, security experts said.
- Adani Ports Q1 profits declines to ₹1,091 crore
- Unicorns and startups should prepare for a longer funding winter, says SoftBank's Masayoshi Son
- Lok Sabha passes Energy Conservation Bill to promote non-fossil fuels
- Indian government is reportedly planning on restricting Xiaomi, Realme, Vivo and Oppo from the budget smartphone segment
- Less than 50% of children able to catch up with age-appropriate learning, claims survey