Friday, July 01, 2016

Spam emails threaten companies with DDOS attacks; security companies say, don't open them

Media sources and security companies have been advising people that they could get emails threatening DDOS attacks and “requesting” ransom in the headers.  The emails come from a group that calls itself the “Armada Collective”, but the email senders may be spoofed.  Webroot says that group is no longer active, and that other criminals are spoofing them.  The wording of the emails can be quite brazen, rather suggesting that “might is right” and revolutionary in tone. 

The Verge has a story on the matter here

Email providers should mark these as spam, and users should not open the emails, but mark them as spam if they show up.  There could be a risk that clicking on any embedded link would lead to more ransomware (and most security packages would probably block).
AOL particularly seems to have trouble marking emails with certain sender spoofing as spam. 
People with landline digital voice may sometimes find extortion-style messages in their missed-call queues.  Some of them, besides threatening tax liens, may mention “federal investigations”, knowledge of home and movements, or make other threats.  Such messages, when captured by providers (like Comcast) should be sent to the FTC or FBI as appropriate. 

No comments: