Original URL: http://www.theregister.co.uk/2006/12/13/web-black-mail/

Webmail hijack ruse leads to blackmail

Pay up or you'll never see your data again

By John Leyden

Posted in Security, 13th December 2006 13:47 GMT

Pond-dwelling scammers have developed a new cyber-extortion ruse.

Unlike previous cases where end users were targeted with malware that encrypted files, which hackers claimed could only be recovered if victims yielded to extortionate demands for money, the latest trick involves attempts to milk money from the victims of compromised web-mail accounts.

Consumers who log into their accounts after an attack find their messages and online contacts have been deleted. All that is left in their accounts is a message from cyber-blackmailers that requests payment if they want to see their data again. Net security firm Websense said it became aware of the attack after reports from an end-user, who reckons his credentials were compromised after he signed into his account in a cyber-cafe. ®