Symantec says there has been a surge in spam messages mentioning the leak of the Ashley Madison users’ data, with spammers trying to take advantage of those affected by the breach.
In a blog on its website from Dick O’Brien, Symantec says scammers are often quick to take advantage of current events and the sheer size of the Ashley Madison breach, coupled with the embarrassing nature of its database, “provide a perfect opportunity for scammers to prey on those worried that their or their partner’s name is included in the breach.”
And, Symantec’s advice to consumers: “Be very wary of any email purporting to relate to the breach.”
O’Brien says the breach and subsequent leak of user data has created a “market opportunity” for scammers seeking to take advantage of people affected by the breach, and since 19 August, Symantec has blocked thousands of spam emails listing domains relating to Ashley Madison in the “to” or “from” fields, including:
And, from 22 August, Symantec says further spam campaigns have been blocked that contain references to the website in the subject lines of emails, including these:
• “How to check if your email is part of Ashley Madison's hack”
• “Ashley Madison Hack Should Scare You”
• “How to Check if You Were Exposed in Ashley Madison Hack”
• “Ashley Madison records leak”
• “Ashley Madison Hack Update”
• “Ashley Madison hacked, is your spouse cheating”
According to O’Brien, given the nature of its business, Ashley Madison has always been the subject of some spam activity. “For example, one campaign which began on 1 July, before news of the breach emerged, featured a subject line of ‘pending message from ashleymadison.com’.
“However, recent weeks have seen a spike above this baseline of activity.”
O’Brien also says: “Others have also noted attempts by scammers to capitalise on the breach. For example, security writer Brian Krebs has reported on blackmail emails aimed at people who had their details exposed in the breach. Krebs quoted one email which demanded a bitcoin (approximately US$225 at the time of writing) from the target in exchange for a promise of non-disclosure of the information to their partner.”
In its advice to consumers targeted by the spam emails, Symantec says:
• Exercise caution with websites offering to check if someone’s details are included in the breach. Unscrupulous operators could use the submitted details to identify people who are worried about the breach and target them with extortion attempts
• Do not pay anyone offering to remove personal details from the leaked data, since this cannot be done. This information is already in the public domain and multiple copies exist.