Child Porn Accusation As Online Extortion Tactic

Glenn writes "There's a story on silicon.com about a new twist in the tactics used by online extortionists trying to blackmail ecommerce sites with denial of service attacks. Yesterday one blackmailer threatened to send out child pornography emails in UK gambling site Blue Square's name if it didn't pay up 7000 Euros." This sounds even worse than simple DoS threats.

Whatever happened to "Laws" and "Rules"?

[Enigma_Man]

I thought they were supposed to prevent stuff like this... or is it a matter of "once the crime's been comitted, the damage is done permanently" so the law can't possibly compensate enough for the loss? Also, does it being probably international screw up the judicial process?

-Jesse

heh

[JeanBaptiste]

sounds just like an idea i had for a virus about 5 years ago. (no, I didn't write it).

The virus would load a couple of nastypics onto the victims machine, then send out an email to the FBI. The first virus that would get you arrested.

It was just an idea, I have never written a virus that has been let loose into the wild...

Existing problem, of course...

[lukewarmfusion]

People have been forging the From field for a long time, with varying reasons and consequences. In my university, a student sent a message to several thousand people pretending to be the head of the Student Affairs office. It was a very convincing text, but the user's AFS ID (not to mention his IP and room's port) were easily traced with the headers. He was picked up pretty quick.

It might be bad publicity for the company, but it almost certainly will have no legal ramifications for them.

Which brings me to the next question - is there an agency, organization, department, etc. that receives and processes these kinds of threats? If my company got something like this, to whom would I report it? And what would be done?

If there's nobody out there handling these, I suggest a bounty hunter system. The kind with bows and arrows.

It's not all bad

[ObsessiveMathsFreak]

The only major effect of this will be the mass blacklisting of emails from online gambling sites.

How will that be a bad thing?

Sigh, so many scumbags and thugs.

[turnstyle]

It just makes me wonder sometimes if anonymity on the Internet protects way more scumbags and thugs than it does free speech.

And, it scares me miserably that I would even think about that as a tradeoff.

People have said that.

[www.sorehands.com]

Peopla have told me that me that saying that spammers are one step above pedophiles is in exageration. This type of extortion shows that my statements are true. This shows that spammers are involved with child pornography.

this reminds me...

[to be a troll]

...of something i was thinking about the other day after a couple weeks of hunting spyware on my PC. what if someone comes along and designs some spyware that actually functions quietly (without the random popup windows and other tell-tale signs of infection). And they are able to open a port and upload any sort of incriminating evidence they would like into your own home... what is there to stop this sort of thing from happening? remember the /. article about north korea waging a cyber war on americans? ITS ONLY A MATTER OF TIME

nothing new.

[Lumpy]

Mothers angry at their soon to be Ex-husbands use the "child porn or Molestation" card all the time to try and ensure that the father can not get custody or even visitation. This is usually used as a way for her to "punish" him for what he may have done and is typically found in divorce cases where the husband was fooling around.

People have been using the boogymen like that for decades... Even when proven innocent it will haunt the accused for their life.

It's too easy to accuse without proof and be sure it will cause huge damage.

Joe Jobs.

[SeanDuggan]

Sounds like a fairly standard Joe Job [snopes.com] such as has happened with DarkProfits [snopes.com]. Only difference being here, they're actually extorting on the threat rather than simply trying to damage someone's reputation. Thing is, this could be very damaging. When it comes to child pornography, people tend to get very irrational and seldom check for any form of proof or second opinion. It's kind of like being accused of being a child molester IRL. Even once you prove your innocence, no one will quite look at you the same again and some people will never truly believe your innocence. Heck, the more squeaky-clean of life you lead, the more guilty you may seem to them. After all, you must have something to hide.

Re:Sigh, so many scumbags and thugs.

[bconway]

It scares me that you think scumbags and thugs are less worthy of free speech than you or I. Perhaps we should put them in a free speech cage like at the DNC.

Oh look

[Turn-X Alphonse]

No officer I did not send that e-mail, it was spoofed.. I do not have any child porn no sir...

Anyone seeing a problem here? If we start spoofing things like this is becomes much harder ro prove person X did send e-mail Y..

Risk vs Reward ?

[vhold]

The guy doing the extorting now has to actually have child porn and has to send it himself. The risk if he gets caught is -way- greater then if he were just cooridinating simple DDOS attacks. He'll get all kinds of scrutiny from all kinds of groups that oridinally wouldn't bother. If he's in some totally untouchable country, he's in the unique position that now if the locals find out they'll probably actually care.

I think the extra risk this behavior exposes the perpetrator to will go a long way to self regulate this trend.

There is only one way...

[eno2001]

...this is ever going to change. Someone will need to create a new protocol for sending mail that will provide the anti-spam features, but more importantly will provide some new, very desirable feature(s) that people will desperately want. This is the only way to get lazy asses to move to a new protocol. The problem lies in who that someone turns out to be. If Microsoft comes up with some whiz-bang new protocol for sending mail that does what I mentioned above, then all the folks who are Microsoft shops will move in that direction and the openess of the internet will have dissipated that much more. If Sun, or Novell do it (assuming they could manage to get an original idea out of their R&D at all. ;P ) the adoption of this new protocol would be slow. If the IETF come up with something, then we'll get the usual people joining in later in this order: *nix vendors first, ISPs with proprietary setups next, and finally Microsoft after their initial attempts at mimicking the IETF but in a backwards way fail. It happened with HTTP that way...

So the real question isn't, "how do we stop spam by getting rid of SMTP" but it's, "what can a new protocol do that will up the ante in functionality so that everyone and his brother just HAS to have it"? Personally, I have a completely different solution that I've been using with friends and family using freely available open source tools. Think about your phone numbers (work, home, cell) and you'll get the idea... (Come on folks! I can't feed you everything ;P )

Asking for all the trouble in the world

[Anonymous Coward]

Could we come up with a more motivated group of people, than gamblers? How about people who are often smart, with good memories? How about people with time and money on their hands? How about people, who are social, many of them, to some degree? How about their being *everywhere*?

How about their not wanting to have their "vice" (gambling) even remotely connected to child pornography?

Post a reward to catch the extortionist. Include benefits a high roller would love to get a chance at, say, travel, being able to access certain games or more access to them.

Catching the extortionist, could make everyone involved, at the very least,a very happy gambler and very possibly a local hero with international renown. Worse for the extortionist, I'm sure there are local bookies and mafia sorts which would act, help, simply to keep their reputations from being mired with child pornography in the media.

This doesn't even include all of the various policing agencies which are now going to cooperate to get the extortionist because they have reasonable grounds to suspect child abuse.

If the extortionist keeps it up, they'll be caught & I can't imagine their making any money because really, what company wants to be seen as funding a child abuser?

Re:nothing new.

[Anonymous Coward]

actually in my city there is a team of lawyers that are making a nice profit out of suing the crap out of people that wrongly accuse this and the media and others that run with the story before it was proven.

there were 7 cases last year that this group won against women accusing others and men in their life over the "molestation" card... and they sued them HARD as well as a localTV station.

Now the local TV will not touch any of those stories until it is decided in court.

Re:It's all SMTP's fault!

[AuMatar]

No, you don't need technical solutions to trace the spam. Tracing the spam is useless, its too hard to do. Trace the MONEY. Buy one of the products, trace where the money goes. Arrest them. This is something law enforcement is trained for and good at. Tracing the sending computer is pointless, too may dodges they can put up.