The VICE Channels

    Image: Shutterstock

    DDoS Attacks and Ransom Notes Hit Online Florists Before Valentine’s Day

    Written by

    Joseph Cox


    Cybercriminals often latch onto current affairs or yearly events in inventive ways to maximize their profits. That, apparently, also includes sending extortion attempts to online florists shortly before Valentines Day.

    On Friday, cybersecurity company Incapsula claimed on its blog that at least one of its online florist customers was recently the target of a DDoS attack, and that nearly a quarter of its 34 florist customers saw a “sharp” increase in attack traffic.

    “There does not appear to be a trend in attacks against all online florists, but rather targeted attacks,” Ofer Gayer, a senior security researcher and Tim Matthew, VP of marketing write.

    Bear in mind that as a private, for-profit cybersecurity company, Incapsula obviously benefits from publishing about disruptive DDoS attacks—one of the products the company sells is DDoS protection.

    Previously, scammers have tapped into peoples' curiosity by setting up fake news stories to drive clicks, and dark web drug dealers have even held Christmas time sales.

    But more interesting than the timely DDoS attacks on florists is that one of the company's clients reportedly received a ransom note.

    There has been a noticeable up-tick in the number of DDoS extortion campaigns recently. Back in November, cybercriminals demanded that ProtonMail, an encrypted email service, pay them a ransom. In exchange, the crooks would stop DDoS'ing the site. ProtonMail coughed up around $6,000, but the attacks carried on anyway. A number of other email service were reportedly sent ransom notes too, but stood their ground.

    As for this latest incident, it's not clear whether the florist decided to pay up the ransom. Whatever the case, cybercriminals will continue to creatively find new ways to pull money out of their targets.