South Australia Police have issued a warning after more than 12 reports of a blackmail spam email which threatens to expose customers of adultery website Ashley Madison were reported in the state.
The Canadian-based site was hacked in August with user names and personal information stolen. A hacking group dubbed Team Impact claimed it had obtained access to a large volume of data from the site.
The email demands payment from the recipient in Bitcoin. If they don’t pay up, the scammer threatens to expose their involvement with the website such as fantasies, pictures and conversations.
In another email sighted by SA Police, the scammer threatens to contact family and friends on social media, suggesting that their social media passwords are not secure.
SA Police Electronic Crime Branch Detective, Senior Sergeant Barry Blundell, said that on this occasion, the blackmail emails are not from whoever hacked the site.
“They have appeared to have taken over the identity of the original hackers,” he said.
The email is being sent to a wide range of people – whether they were registered with the website or not.
“In this case, there is a significantly higher degree of reporting because people aren’t necessarily victims of the site. The sorts of things we are seeing in the email is that some of the information is not correct such as the Visa card numbers."
Blundell said it has had “more than a dozen reports” of the email in the last week.
“We believe it's just the tip of the iceberg as many more people will have simply deleted the email without advising police,” he said.
In August, Acting Australian Information Commissioner Timothy Pilgrim launched an investigation into the release of confidential data from AshleyMadison.com.
"[Ashley Madison owner] Avid Life Media has already been co-operating with the OAIC since it began making preliminary inquiries following news that the breach had occurred," an OAIC statement said.
"The OAIC will publish a further statement at the conclusion of its investigation, outlining its findings."