There have been numerous examples of how hackers can get hold of sensitive and deeply personal information and use it against individuals to embarrass and extort them into sending money or compromising pictures to the hackers to prevent the information from being posted on the web.
These examples include cyberbullying, online love scams, blackmail through the compromise of sexually explicit content or photographs, or pretending to be someone the user trusts. Once they get this sensitive personal content, knowing that people don’t want their family or friends to find out about it, they hit the user with a ransom demand. This has been going on for a very long time.
As hackers continue to find new ways to use old scams that have been successful, a recently reported example of hackers trying to use sensitive data against users is the Maze group, which hit two plastic surgery groups with ransomware, one in Seattle and the other in Nashville. Maze threatened to publish before-and-after pictures of patients who have undergone plastic surgery if the plastic surgery groups didn’t pay the ransom.
Apparently neither plastic surgery group did pay the ransom, and Maze now has posted the data, including the before-and-after pictures of patients, which researchers have said are identifiable.
Hackers will continue to find ways to embarrass or trick users into paying a ransom. They will victimize both individuals and companies that may have information or pictures that could be embarrassing or are deeply personal, in order to coerce a payment so the information is not disseminated.
Think about what you are doing online with your own personal information or pictures, and consider how you would feel if the information or photos on your phone or in your personal email were widely disseminated online. Then consider changing your behavior or deleting the material that you would be concerned about if it got into the hands of others.