A group of scammers is trying to trick website owners into sending them money by threatening to launch crippling Distributed Denial of Service (DDoS) attacks.
According to security researchers from Symantec who intercepted the fake messages, the scammers are sending them to email addresses they gather from domain whois information.
The rogue emails come with subjects of “Hosting – Important Updates and Information” to make it look as if they appear from the recipient’s domain registrar and contain intentional spelling mistakes to avoid spam filters.
“We hold a huge network of Distributed Denial Of Service Attack, allowing to suspend any website. We have been watching [domain_name] and were able to find out that you have spent pretty money much for its advancement and we want to to offer you to spend a little more yet.
“Just as little as 200 bucks as a voluntary donation to our fund will keep your web site away from DDOS attack,” part of the message signed by the “Top Manager of ZeleniyHach project,” reads.
The scammers claim that if the money are not sent to them in the form of a Webmoney Payment Check within 48 hours, another zero is added to the sum, making it $2,000.
“Attempts of gathering personal information or money by using tactics similar to those mentioned here are very common in scam attacks. Symantec recommends that users ignore emails from unknown senders […],” Symantec’s Samir Patil, writes.
Even though Symantec assures users that this is just a scam, DDoS-based extortion does exist and has been used by cybercriminals before.
However, buying DDoS services from a botnet runner to attack the competition’s services is a much more common occurrence.
According to a Kaspersky Lab report on the underground economy released last year, botnet owners charge between fifty to several thousands dollars for launching DDoS attacks, depending on length and target.