Threat Alert: Extortion-Themed Lure Spreads Malware

• Cybercriminals have launched a series of phishing attacks using extortion-themed lures regarding alleged explicit photos of the recipient. 
• The messages come from compromised Flickr accounts and contain malicious URLs labeled to appear as explicit or vulgar.  
• The messages threaten to share the photos and claim to have additional explicit images of the recipient. 

Key Actions (at Work and at Home)

• Keep in mind that cybercriminals regularly abuse legitimate services like Flickr. Abusing legitimate services gives cybercriminals and their lures an additional air of legitimacy. If you see an unexpected email linking you to an unknown document, it should be regarded as potentially malicious.   
• Remember cybercriminals take advantage of strong emotions. An email threatening to contain and share explicit photos can be extremely stressful. Keep in mind cybercriminals seek to capitalize on moments of anxiety and the difficulty in thinking clearly in such situations.   
• Report ANY suspicious emails using the Phish Alarm button. Remember: Our organization occasionally sends phishing simulations.