Don’t trust inbound e-mails, phone calls, texts, etc. People will say anything to trick you out of your money. As a rule, change your passwords often. Protect your passwords. Don’t share them with anyone and don’t use the same ones on different accounts. Keep your AV up to date. We recommend WebRoot (ask us about it). Cover your camera when not in use as a rule of thumb too. Read more about this scam at the link below. Source: Sextortion Scam Uses Recipient’s Hacked Passwords — Krebs on Security
If you are viewing a post from a mobile device pay close attention to the URL. A new(ish) exploit method simply uses a bunch of — (Dashes) to obscure part of the address. The article specifies Facebook but this same technique would work with other sites as well. The key is to be ever vigilant. Read more here: https://www.techworm.net/2017/06/facebooks-new-phishing-scam-pads-urls-hyphens.html
A zero day hack has been used against a human rights activist. In this case it was unsuccessful because rather than clicking on the link, he did what you should do, he forwarded it to security experts that uncovered the exploit. Read more about it on Network World here: NetworkWorld iOS Zero Day Hack Found
We have seen this in the wild. The users are targeted and it seems legit. The key to not falling for this stuff is communication.
Since the FBI’s Internet Crime Complaint Center (IC3) began tracking BEC scams in late 2013, it has compiled statistics on more than 7,000 U.S. companies that have been victimized—with total dollar losses exceeding $740 million. That doesn’t include victims outside the U.S. and unreported losses, the FBI stated. According to IC3, since the beginning of 2015 there has been a 270% increase in identified BEC victims.Source: FBI: Major business e-mail scam blasts 270% increase since 2015