In the latest twist on the small-but-growing practice of electronic extortion, criminals have taken to holding hijacked web email accounts for ransom, a security company said.
San Diego, Calif.-based Websense has reported that some Hotmail accounts have been compromised, with all mail and contacts erased. The only remaining message: a ransom note demanding payment for the return of the deleted data.
"If you want to know where your contacts and your emails are then pay us or if you prefer to lose everything then don't write soon!" the note read, said Websense, in a rough translation of the original Spanish.
Users' accounts were compromised after they had accessed their web mail accounts at a public Internet caf in Mexico, Websense added.
Previous "ransomware" attacks took a different tack. Typical was a March scheme where an attacker first planted a Trojan horse on PCs, then used the malware to encrypt a large number of documents and files. Later, the criminal sent email to the victim demanding payment for the key that unlocked the encrypted files.
No responsibility can be taken for the content of external Internet sites.