Cybercriminals have been sexually extorting women and children with private information that was stolen from major tech companies. Somehow, these criminals have been able to trick these companies into handing over important data, which in turn lets them take advantage of victims in the most disgusting ways possible.
Cybercriminals steal data for sexual blackmail
A Bloomberg report revealed that hackers are getting private data from major tech companies by filing fake legal requests. Unfortunately, many companies fell for this and gave away private information such as full names and physical, email and IP addresses.
With this information, cybercriminals are able to hack into accounts or contact the people in question. Once contact is made, the cybercriminals trick victims into sending sexually explicit materials. Should the victims refuse, the hackers abuse them through online harassment, swatting, and doxxing.
Unfortunately, victims who have complied with sexual requests end up receiving escalating abuse. In an absolutely abhorrent example, victims were instructed to carve the names their cyber abusers on their skin and send the pictures to the hackers.
How were these tech giants getting duped?
Cybercriminals have been able to hack into police/government emails and impersonate officers, allowing them to send fake subpoenas. Using the dark web, hackers were able to purchase official email addresses, hence why a number of companies have fallen for the trick.
The new cybercrime "trend" targets massive companies, such as phone providers or social media companies. For example, major tech companies like Apple and Meta are said to hands surrendered sensitive data to the criminals, showing how legitimate these police/government emails are.
According to police, the new “trend” is a rapidly increasing occurrence online, and a truly dangerous one at that. When you consider how most people are online 24/7 with social media platforms, it’s an absolutely horrifying thing that can happen to anyone.
It seems that all hope isn’t lost, as some companies have told Bloomberg that they seemingly learned from the experience. On the other hand, some companies are more protective of personal data, refusing to give info up easily.
Meta and Discord have told Gizmodo that they take a number of steps to make sure that the information is legitimate. Google also released a lengthy statement, which can be read below.
“In 2021, we uncovered a fraudulent data request coming from malicious actors posing as legitimate government officials. We quickly identified an individual who appeared to be responsible and notified law enforcement. We are actively working with law enforcement and others in the industry to detect and prevent illegitimate data requests.”
Stay safe everyone.