Ashley Madison Blackmailers Turn to Snail Mail Threats

Ashley Madison account holders are claiming that they’re being targeted by blackmail letters posted to their home addresses, several months after the firm was hit by a massive data breach.

Security consultant Graham Cluley revealed in a blog post that he received a note from a reader with the following message:

“I just received a physical postal letter to my house asking for $4167 USD or exposed by AM account to people close to me. Is your advice the same as in your vid about email blackmail? Thank you.”

This isn’t the first time users of the infidelity site have been targeted, of course. Last month complaints filed with the Federal Trade Commission (FTC) revealed numerous extortion and blackmail attempts.

According to FoI requests made by the Toronto Star, many of the blackmailers are requesting payment in bitcoins which are harder to trace. Demands apparently range from two to 10 bitcoins—with one currently valued at around $450.

The fallout has forced resignations of public officials—such as Alabama mayor Don Hall—exposed a Florida state attorney and US reality TV star Josh Duggar.

It’s even claimed that several former users of the site have taken their own lives as a result.

Although Toronto-based Avid Life Media maintained its site was legitimate, some reports have claimed that the number of actual female members signed up was only a fraction of that advertised—with automated bots used to trick male users.

There may also be men caught up in the scandal who never signed up to Ashley Madison, after it was revealed that the firm did not run any authentication checks for new registrants.

Trend Micro researchers discovered back in September that several dozen email accounts associated with honeypots they had set up were being used in Ashley Madison profiles—hinting that the firm may have helped create fake profiles.

Security expert Cluley’s advice is not to give in to the blackmailers.

“I understand that it must be very unsettling and worrying, but paying the blackmailers any money is only likely to make them focus on you more. Ignoring them is probably a better plan in my humble opinion,” he wrote.

“If you have received such a menacing letter through the post, my advice would be to share the letter with the authorities )(and obviously request their discretion).”

Photo © PathDoc

What’s Hot on Infosecurity Magazine?