
'Nest Video Extortion' Email Scam

Posted: January 20, 2020

The 'Nest Video Extortion' email scam is a social engineering attack that tricks victims into paying a ransom to prevent the supposed release of compromised camera footage to the public. Although the con artists' associated media includes footage from Google's Nest cameras, it doesn't host any recordings of the victims themselves. Users can delete these e-mail messages safely and should analyze their systems with anti-malware products after any contact with the 'Nest Video Extortion' email scam's websites.

Google's Nest Warms an Extortionist's Nest Egg

As the Internet of Things (IoT) becomes a long-term security challenge, one that hackers work to surmount and defenders work to guard, more attacks are using it for schemes, haphazardly distributed botnets and other campaigns. The 'Nest Video Extortion' email scam takes advantage of the well-known Google brand to convince targets that their cameras are under a hacker's control. However, the truth is that the campaign leverages nothing more than the victim's e-mail address, paired with convincing associated media.

The 'Nest Video Extortion' email scam begins with an e-mail sent to the victim's account after the address has been harvested by unknown means, such as a previous phishing attack or database breach. The attack uses a similar methodology to other sextortion or sex-themed blackmail campaigns like those of the PornBlackmailer Ransomware. It claims to have evidence of the user's sexual activities via misappropriated camera footage and demands a ransom to prevent any leaking to the public.

Unusually, though, the scheme doesn't demand a ransom immediately and instead redirects users to multiple websites and external e-mail accounts first. One of these sites contains collected Google Nest footage, supposedly as evidence of the hacker's capacity for doing the same to the victim. Once on the ransoming infrastructure, the victim receives more details, including requests for Bitcoins or gift cards for major vendors and services like Amazon and iTunes. The footage, victims should note, is not from their hardware, and the campaign doesn't limit itself to targeting Nest camera owners.

Ducking Out of the Latest Smart Camera Tactic

The 'Nest Video Extortion' email scam's payment mechanisms are slightly convoluted, in that they require the victim to interact with additional, third-party e-mail accounts and website infrastructure instead of going straight to the payment service. However, it could be effective against Google Nest camera owners due to the abuse of preexisting footage. Ransoms currently sit at around 550 USD, which is an appropriate range for individual victims and small, unprotected businesses.

Camera owners can protect their hardware by installing patches as they become available, using additional security features like 2FA, and avoiding passwords that are brute-forcible, such as a factory default. All victims should delete messages related to the 'Nest Video Extortion' email scam and avoid visiting websites linked to it, which may harm their computers or other devices. While malware experts currently see no harmful software related to this campaign, future attacks may leverage the website infrastructure for dropping file-locker Trojans or other threats.

Since the 'Nest Video Extortion' email scam doesn't involve any footage collected from the victims, there is no advantage in paying its ransom. Critically, payments in cryptocurrencies like Bitcoin are effectively non-refundable.

The 'Nest Video Extortion' email scam is taking problems of the IoT world and monetizing them with a dash of deception. Believing what one sees at first glance is always a mistake, but that's never truer than with a criminal's sextortion scheme.
