New Data-Dump Powered Extortion Scams Popping Up

Beware of a new extortion scam doing the rounds:

Over the past week, scammers are now utilizing a new extortion email campaign that claims the recipient’s phone was hacked, includes a partial phone number of the recipient, and further states that they created videos using the recipient’s webcam. It then demands $1,000 USD in bitcoins or the hacker will release the video and other information.

The most interesting thing about these scams (to me) is how are powered by data leaked through various data breaches. They use snippets of “private” data from these dumps to appear legitimate and scare a target into handing over the cash. This new one also leverages account recovery features to get the partial phone numbers.