Cybersecurity Awareness
- - - Live Hacking Event
    - Experience how attackers proceed, attack companies and steal data. We show you realistically how a cyber attack works. Entertaining, individual and exciting.
- - - Managed Phishing Simulation
    - We carry out individual or continuous phishing simulations together with you. Automatic, event-driven or recurring – we adapt to your wishes and requirements.
Offensive Security
- - - Penetration test
    - We attack systems within the scope of application in an organized and systematic manner and inform you immediately about high and critical security gaps. We then support you in eliminating the security gaps.
- - - Vulnerability scan
    - We use established tools to quickly and efficiently find out which systems are vulnerable, either internally or externally. We filter and check the results and support you in remedying them.
- - - 360° SME analysis
    - For small and medium-sized companies, we offer a cost-effective package that gives you an overview of the vulnerability of your internal and external infrastructure.
Consulting
- - - ISMS Consulting
    - We support you in setting up and expanding your information security management system (ISMS) and, if required, help you to achieve ISO 27001 certification.
- - - External (Chief) Information Security Officer
    - By appointing an information security officer, you fulfill requirements, have a single point of contact and are able to implement measures professionally and appropriately.
Ressources
- - - Blog
    - Read our free IT security blog and find out about news, vulnerabilities and threats.
  - - Success stories
    - Find out more about the projects we have completed for a wide range of clients.
- - - Media package
    - Whether logo, colors or images. Download our materials now free of charge to promote your event.

Bomb Threat – A new wave of blackmail mails is in circulation!

06/06/2024

Bomb Threat – A new wave of blackmail mails is in circulation!

Already in the past we had to report about blackmail mails that are currently in circulation. A new and very current campaign is a blackmail email that claims that without the ransom money a bomb will explode.

Bomb threat – This is what the message looks like

Criminals try again and again to reach different persons or companies with blackmail emails in order to get the ransom money. In the current campaign, primarily companies are addressed, since the content is about attacking a commercial building with a bomb. 20000€ should be transferred within 80 hours, so that the bomb will not explode.

As with almost all email blackmailing, Bitcoin is demanded as a means of payment. By this crypto-currency it is possible for the criminals to remain unrecognized, without the need to use a bank account with an associated name.

On a well-known web page which informs about current fraud scams we can find the blackmail mail, which we show in the following:

blackmailmail — 3 days time is given to the victims to transfer the money. This kind of time pressure is common for blackmail mails.

This blackmail mail shows many familiar patterns, which we have already had to report in the past. A good example is the scam in which victims are called by an alleged Microsoft employee. A common feature between the fraud scam described here and the call fraud scam is that in both cases time pressure is applied.

In general pressure is a component that occurs in almost every blackmail mail, so that the victims do not have much time to think logically about the written content.

Handling of such blackmail mails

If you or other employees in your company have received this mail or a comparable blackmail mail, you should not simply delete it. The police advises you not to comply with the demands under any circumstances! Instead, all evidence, e.g. emails, should be stored on a USB stick and handed in at the next police station with a report against unknown persons.

The threats of the criminals are not without consequences, so the police tries to catch the criminals as soon as possible. The more evidence can be collected from different companies, the more likely it is to find a mistake the criminal has made in a case.

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.

AWARE7 GmbH

Munscheidstr. 14
45886 Gelsenkirchen

Tel. +49 (0) 209 - 8830 6760

Fax. +49 (0) 209 - 8830 6769

Mail info@aware7.de

Opening hours
Monday - Friday
8:00 - 17:00

COMPANY

Code of Conduct

AWARENESS

Live Hacking Show

Managed Phishing Simulation

RESOURCES

IT-Security Blog

Success Stories

OFFENSIVE SERVICES

Penetration test

Vulnerability scan

IT security emergency

360° SME analysis

CONTACT

Call for proposal (CfP)

CONSULTING

ISMS consulting

External information security officer

Imprint Privacy policy