Bomb Threat – A new wave of blackmail mails is in circulation!

M.Sc. Jan Hörnemann

Bomb Threat – A new wave of blackmail mails is in circulation!

Already in the past we had to report about blackmail mails that are currently in circulation. A new and very current campaign is a blackmail email that claims that without the ransom money a bomb will explode.

Bomb threat – This is what the message looks like

Criminals try again and again to reach different persons or companies with blackmail emails in order to get the ransom money. In the current campaign, primarily companies are addressed, since the content is about attacking a commercial building with a bomb. 20000€ should be transferred within 80 hours, so that the bomb will not explode.

As with almost all email blackmailing, Bitcoin is demanded as a means of payment. By this crypto-currency it is possible for the criminals to remain unrecognized, without the need to use a bank account with an associated name.

On a well-known web page which informs about current fraud scams we can find the blackmail mail, which we show in the following:

3 days time is given to the victims to transfer the money. This kind of time pressure is common for blackmail mails.

This blackmail mail shows many familiar patterns, which we have already had to report in the past. A good example is the scam in which victims are called by an alleged Microsoft employee. A common feature between the fraud scam described here and the call fraud scam is that in both cases time pressure is applied.

In general pressure is a component that occurs in almost every blackmail mail, so that the victims do not have much time to think logically about the written content.

Handling of such blackmail mails

If you or other employees in your company have received this mail or a comparable blackmail mail, you should not simply delete it. The police advises you not to comply with the demands under any circumstances! Instead, all evidence, e.g. emails, should be stored on a USB stick and handed in at the next police station with a report against unknown persons.

The threats of the criminals are not without consequences, so the police tries to catch the criminals as soon as possible. The more evidence can be collected from different companies, the more likely it is to find a mistake the criminal has made in a case.

Photo of author

M.Sc. Jan Hörnemann

Hello dear reader, my name is Jan Hörnemann. I am a TeleTrust Information Security Professional (T.I.S.P.) and have been dealing with information security topics on an almost daily basis since 2016. CeHv10 was my first hands-on certification in the field. With a Master of Science degree in Internet Security, I have learned about many different aspects and try to share them in live hacking shows as well as on our blog. In addition, I am active as an information security officer and have been qualified by TÜV for this activity (ISB according to ISO 27001)