Gmail Users Warned To Beware Of Insidious Search History Spyware Scam
by Davey Winder · ForbesThe Maryland State Police Department has identified an ongoing cybercrime campaign which, they said, specifically targets Gmail users. The scam itself builds on long-established methods of extorting scared recipients with sextortion tactics and the inclusion of user-specific information.
The Maryland Police Gmail Scam Alert
In a Sept. 18 alert, the Office of Media Communications at Maryland State Police published an alert members of the public about a scam targeting residents with Gmail accounts. “Throughout August and September,” the alert stated, “the Maryland State Police Financial Crimes Unit received reports of several internet-based scams specific to Gmail accounts.”
These sextortion blackmail attempts appear to be related to a tactic, first identified by Malwarebytes Labs security researchers and reported by myself on Sept. 8, involving the use of photographs of the recipients’ home acquired using Google Maps Street View.
Maryland police said that the reports it has received show an attempt to blackmail the victim with accusations of gaining information from a compromise of their computer. As is usual with such sextortion campaigns, the information in question revolves around either the viewing of pornography or the creation of intimate images and video. The implication is that the sender of the email has been able to hack the reader’s computer or smartphone, access their search history, and some even state that they have installed spyware on the device that is watching them as they read.
“The Maryland State Police continue to investigate these internet scams.,” the statement said, “residents are urged to be cautious of unsolicited emails sent to their Gmail.”
MORE FOR YOU
Apple’s Update Decision—Bad News Confirmed For Millions Of iPhone Users
BlackRock Reveals It’s Quietly Preparing For A $35 Trillion Federal Reserve Dollar Crisis With Bitcoin—Predicted To Spark A Sudden Price Boom
Today’s NYT Mini Crossword Clues And Answers For Thursday, September 19th
Are You Really Being Watched By Gmail Scam Hackers?
I mean, nothing is impossible, but the likelihood is so minimal that I’m prepared to say with absolute confidence that the answer is no. If you’re wondering, then, how this complete stranger has managed to have a photograph of your home, a password that you recognize and personal information about you, the answer comes in three parts:
- Personal information, including your address and other details, will be scraped from your social media postings and other readily available online data.
- Armed with that physical address, the attacker can quickly get a photo of your home from Google Maps Street View.
- As for the password, once an attacker knows your email address, it’s straightforward to cross-reference it with any number of data breach databases available on the criminal dark market.
Law Enforcement Gmail Scams Mitigation Advice
Maryland State Police have provided some mitigation advice for anyone concerned about this latest sextortion campaign. This includes being wary of links in emails or on websites you don’t trust, not sharing personal information online unless you are sure the site involved is secure, and not panicking. “Often scammers rush potential victims and push lots of emotional buttons to get you to stop thinking rationally,” the police alert concludes, “Never let strangers force you into fast decisions.”
All good advice, to which I will only add that blurring your home address on Google Maps Street View is now also considered a scam mitigation technique. You can find out how to do that, step by step, here.
If you have already been a victim of such an attack, you can report it to the FBI’s Internet Crime Complaint Center.