Sextortion Blackmail Scam Continues to Plague Business Emails.
Phishing scams have been around for over twenty-years and are still reeling in victims on a daily basis. Since the evolution of the internet we’ve been warned about the dangers of cyber crime. Yet, two decades later, the vulnerability of even the most astute and street wise individuals continues to be tested. The Phishing email was developed to be a smart hack, literally designed to fish for personal information. The terminology comes from PHREAKS, who were he first generation of notorious hackers to target the internet. Today, more than ever, hacking and cyber crime is prevalent in epidemic proportions.
As we enter 2019, the Sextortion Blackmail Scam is set to take it’s place alongside some of the Top Phishing Scams in history. These include The Moscow World Cup Vacation Rental Scam, Dear Customer Email Scams, Smishing and the legendary Nigerian scam, which involves someone overseas offering you a share in a large sum of money or a payment on the condition you help them to transfer money out of their country.
How Does the Sextortion Blackmail Scam Work?
The highly effective Sextortion Blackmail Scam continues to plague businesses and individuals across the globe by cyber criminals. The latest phishing trend uses cleverly constructed emails claiming to prove that the intended victims have been recorded online viewing pornography. Emails threaten to expose the recorded footage online unless substantial ransoms are paid using untraceable Bitcoin Accounts. The Scam, which has adopted the name of “Sextortion” has been widely reported to National Crime agencies and Law Enforcement across the world including the FBI and the National Crime Agency to name just two. The Sextortion Blackmail Scam really is nothing new. It’s really a new take on the extortion theme where the criminal convinces the victim into sending naked videos or images before the criminal began blackmailing the victim. The new trending scam takes things to a new level, relying on the elements of shame, guilt and self doubt of the victim, through a campaign of financially-motivated Sextortion. It’s believed that over 13,000 complaints were made relating to Sextortion Blackmail Scams during the month of July 2018 alone.
Step 1 – The victim receives an email
The emails often appear to have been sent from the recipients own email address and includes content such as usernames, passwords, personal information and other details that seek to bolster the hackers credibility and to immediately shock the recipient into believing that the email is genuine. The Sextortion Blackmail scam brings together a big mix of social engineering and extortion claiming to have hacked your computer’s webcam and recorded your sexual activities while you allegedly watched pornography. The email will often state that RAT Malware has been opened when you clicked on your website of choice. A (RAT) is a A remote access Trojan malware program that includes a back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested program such as a game or as an email attachment. The email will claim the Malware was downloaded and did a number of things simultaneously. The Virus cloned your whole contact list and social media details. Whilst this was happening in the background, the virus recorded a video of your computer screen along with footage from your webcam. You’ll probably notice that the alleged date of the incident remains very calm. Using terminology such as “A few months Ago…” to place a timescale on when the alleged video was captured. This is deliberately used a s a tactic to confuse the victim, particularly if they have been viewing adult information regularly and making it impossible to pinpoint exactly whay evidence they may or may not have intercepted.
Step 2 – The Sting
It states that you sexual act will be distributed electronically on social media and to all of your business and personal contacts including friends, family and work colleagues, unless of course, you pay a substantial ransom using untraceable bitcoin currency (BTC.) The ransom demand will be time limited, generally offering between 48 and 72 hours for the victim to pay the ransom. The ransom demand varies considerably from email to email but it’s not uncommon to expect in the region of $200 USD to $4,000 USD.
The emails will contain a number of themes but will essentially carry the same message of which a few examples are listed below;
I am aware one of your passphrase: password. Lets get directly to point. Not a single person has compensated me to investigate about you. You do not know me and you are probably wondering why you’re getting this e mail?actually, I actually installed a software on the adult vids (sex sites) site and you know what, you visited this web site to have fun (you know what I mean). When you were viewing videos, your internet browser initiated working as a Remote control Desktop that has a key logger which provided me access to your display screen and also web cam. Right after that, my software program collected your complete contacts from your Messenger, FB, and email . After that I created a double-screen video. 1st part shows the video you were viewing (you’ve got a good taste haha . . .), and 2nd part shows the view of your webcam, and its u. You do have only 2 alternatives. We are going to understand these types of choices in aspects: 1st solution is to disregard this message. In this case, I am going to send your actual video clip to just about all of your contacts and thus you can easily imagine about the disgrace you feel. Not to mention should you be in a relationship, just how it will eventually affect? Number two choice will be to pay me $3000. We will think of it as a donation. As a consequence, I most certainly will without delay eliminate your videotape. You will keep going on your daily life like this never happened and you will not hear back again from me. You’ll make the payment through Bitcoin (if you do not know this, search for “how to buy bitcoin” in Google).
ATTN: <email address> THIS IS NOT A JOKE – I AM DEAD SERIOUS!
Hi perv, The last time you visited a pornographic website with teens, you downloaded and installed software I developed. My program has turned on your camera and recorded the process of your masturbation. My software has also downloaded all your email contact lists and a list of your friends on Facebook. I have both the ‘<name>.mp4’ with your masturbation as well as a file with all your contacts on my hard drive. You are very perverted! If you want me to delete both the files and keep the secret, you must send me Bitcoin payment. I give you 72 hours for payment. If you don’t know how to send Bitcoins, visit Google. Send 2.000 USD to this Bitcoin address immediately: 3QBCunubfjup2DCFDpUzX2exurv7wws2Nv (copy and paste) 1 BTC = 3,580 USD right now, so send exactly 0.564369 BTC to the address provided above. Do not try to cheat me! As soon as you open this Email I will know you opened it. This Bitcoin address is linked to you only, so I will know if you sent the correct amount. When you pay in full, I will remove the files and deactivate my program. If you don’t send the payment, I will send your masturbation video to ALL YOUR FRIENDS AND ASSOCIATES from your contact list I hacked. Here are the payment details again: Send 0.564369 BTC to this Bitcoin address: 3QBCunubfjup2DCFDpUzX2exurv7wws2Nv You саn visit police but nobody will help you. I know what I am doing. I don’t live in your country and I know how to stay anonymous. Don’t try to deceive me – I will know it immediately – my spy ware is recording all the websites you visit and all keys you press. If you do – I will send this ugly recording to everyone you know, including your family. Don’t cheat me! Don’t forget the shame and if you ignore this message your life will be ruined. I am waiting for your Bitcoin payment. If you need more time to buy and send 0.564369 BTC, open your notepad and write ’48h plz’. I will consider giving you another 48 hours before I release the vid. Anonymous Hacker
Hello there! There is nothing hidden that is not shown – you`ll see what I mean in just a moment. Recently you were browsing a website that has pornographic content and yes, I saw you masturbating. It is not my duty to teach you what to do or how to do it I want you to pay me to keep this thing private You`ll have to take care of this finance-related issue. Before you question yourself how did that happened, I`ll tell you How did I get it? While you were browsing porn sites email@example.com accidentally installed the malware I used to hack the website So consequently I`ve hacked your computer I`ve got all your names and passwords, access to your email, messengers and other things. If you want to know my secret, I used keylogger. When I got ahold of your desktop I immediately installed keylogger on your system. There was one other program involved, I’m not gonna tell you which but it gave me access to your webcam so I recorded all the things you did in front of the computer. Guess what I filmed? You masturbating. I am sure your friends and family will be delighted to see you do your dirty business, a long time will pass before you can get clean of all this mess. Okay, here is what you should do (if you do exactly what I ask, I will delete that embarrassing video and let you be). You must send 650 us dollars To my bitcoin wallet 1FXTXQEWFaPukDUWcMYnbgae1FpPtYNyA6. That`s it, it`s all you have to do. Don`t waste your time replying to this email I`m not gonna read it but the system will notify me when you make the payment. After you read this message, you have 24 hours to make the payment. You can reply to this email in case you need more time (48 hours max) to collect the money. I hope you understand everything I`ve mentioned. Sorry for my English, it isn’t particularly popular in my country P.S. I`am expecting to see the money on my account within 24 hours
Hi, victim.I write yоu becаusе I put а mаlware оn the wеb раge with porn whiсh yоu hаve visitеd.My virus grаbbed all your рersonal infо аnd turnеd on yоur сamеrа which сaрtured the рroсеss оf your onаnism. Just aftеr that the soft savеd yоur соntaсt list.I will dеlеte thе сompromising video and infо if you pаy me 999 USD in bitcoin. This is address fоr рaymеnt : 1K2jNTLdbHEwaALQWKMeGoKLWD67Cb6q8BI give yоu 30 hоurs aftеr you ореn my mеssаge for making the trаnsactiоn.As sоon аs yоu reаd the mеssаgе I’ll see it right awаy.It is nоt necessary tо tell mе thаt you hаve sеnt money to me. This address is соnneсtеd tо yоu, my systеm will dеlete еverything automаtically aftеr trаnsfer соnfirmаtiоn.If yоu nееd 48 h just reрly оn this letter with +.Yоu сan visit thе pоlicе stаtion but nobоdy cаn hеlp yоu.If you try to dеceive mе , I’ll sеe it right аway !I dont live in yоur соuntry. So they саn nоt track my lосаtiоn evеn for 9 months. Goodbyе. Dоnt fоrget аbоut thе shame and tо ignore, Yоur life can be ruined.
Step 3 – The Request for Payment
The whole Sextortion Blackmail Scam situation is pretty terrifying,, especially if the extortion revolves around your work computer. In light that the worlds most influential pornographic site receives 75 Million Hits Per Day it’s not unrealistic to make an assumption that mass email campaigns will at some point, reach some of the demographic that makes up these astonishing numbers. The hackers are literally fishing for active people who may just be susceptible enough to part with large amounts of cash in an attempt to hide their activities. The generic Sextortion Blackmail Scam emails are cleverly constructed, There are numerous examples available detailing variations of the same scam, but they all have underlying similarity that play in favour of the person receiving the threat;
*The email actually gives no credible indication that the hacker is in possession of any of your personal data. You’re not mentioned by name despite the fact the Hacker has allegedly cloned your whole address book and knows all of your personal information.
*When exactly did you visit the adult site. If the Hacker has painstakingly taken the time to target you, your hardware, your computer screen and cameras, then why haven’t they sent you evidence of this?
*Has the Hacker sent you any visual proof of the alleged self-abuse? With this kind of phishing scam (and let’s not confuse it with other forms of genuine Sextortion Blackmail, which can and has serious consequences,) the answer will generally be No. The Criminals behind these scams are playing on words and don’t want you to request proof, because the chances are, there is none available.
*The Hacker will demand payment into a Bitcoin account but they won’t give you details on the process of how to pay or how to set up a Bitcoin Wallet. Why? The answer to this is that the more research the Sextortion Blackmail Scam encourages the victim to undertake, the greater the doubt it places in the victims mind that the email is genuine.
The truth is, that data breaches are common place and sensitive information and passwords have been intercepted in vast numbers. You only need to look at the Aadhaar Data Breach affecting 1.1 Billion people in India over six months including Aadhaar numbers, names, email and physical addresses, phone numbers, and photos. Why not check out the Top 10 Data Breachers of 2018. Scammers are likely to directly obtain this information or purchase it through the dark web for mass email campaigns. Using the Have i been pwned? website will give you some kind of indication if your email details have compromised.
For this type of Sextortion Blackmail Scam, it should really only work if a number of factors are in place including;
a) The recipient has a webcam or camera on their device. In 2019, this is a distinct possibility with smart phones, PC’s, Laptops, TV’s or Tablets all with the potential to house cameras.
b) The recipient has been viewing adult content online – In 2016, a survey published in Archives of Sexual Behavior, stated that 16.1% of men watched pornography at work on their smartphone or tablet and 5.4% watched it on a work computer. As much as we may not like the idea, the statics fuel hackers to try and extort victims.
c)The recipient actually communicates with the hacker and pays the extortionate ransom demands.
You may have landed on this page because you’ve received a Sextortion email. You may have
WHAT SHOULD I DO?
You may be reading this because you’ve personally received a Sextortion Blackmail Scam Email either at work or at home. Don’t worry. You certainly won’t be alone. Should you bite the bullet and pay for your extorter’s silence. In our opinion, the answer is a resounding “NO.” Do not pay under any circumstances. The whole premise of this extortion scam, relies purely on the statistics that a tiny number of victims will actually respond out of a batch of potentially thousands, maybe even millions of mass distributed emails. There is an expectation that the majority of these emails will not be answered, in fact, most will probably drop into the Spam or Junk Folders of potential victims only to be read days or weeks after the deadline for payment has passed by. Hackers rely on engagement with victims at which point, they will move to the next stage of the extortion. Without engagement, it’s impossible of the criminals to turn on the pressure of those petrified people whose world’s have literally been turned upside down with fear.
SHOULD I PAY THE RANSOM?
If you’ve ever had an animal and you feed it every day, eventually, it will keep coming back to its’ source of food. The same principle applies to Sextortion Blackmail Scams. Pay once and you’re showing that you either have the money to pay and risk the extortioners coming back time and time again. You should not pay the ransom. Firstly, you will never see your money again. Bitcoin transactions are pseudo-anonymous, which means they can be tracked, however, Bitcoin Mixing, Tor- Onion Router, Logless VPN’s, New Address for Transactions and JoinMarket are a few ways that criminals avoid their identities being linked to their Bitcoin Wallets. In reality, once you send cash to the Hackers Bitcoin Address, your money is gone. Losing your money gives the criminals scope to continue sending demands to potential victims.
HOW DO I DEAL WITH THIS?
There are a number of steps that could help to eradicate this type of email plaguing you in the future and to keep you safer online.
*Don’t communicate with the Criminals emailing you. Avoid the feeding the animals. Once you start, you’ll never be free of them. Your details are likely to be shared and you may start a depressing chain of events that will take a long while to break.
*Changing your password is a must. You ma very well recognise the passwords used in your emails but these are likely to have been obtained from historical data breaches. If an attacker had genuinely intercepted your password, then there are many more lucrative means of clearing out your bank account or causing financial deprivation using online fraud.
*Remain calm. The people operating these scams continue to practice because believe it or not, victims actually pay the ransom. It may seem difficult to comprehend but the Sextortion Blackmails Scams work. They use psychological damage to drum up fear in potential victims and once this is in place, it becomes difficult to rationalise the situation. Anxiety, fear, and emotion are all used as triggers to extort money.
*Cover your webcam. If it means sticking a piece of gaffer tape or a plaster over it, then at least you’ve taken positive steps to keep yourself safe. The whole taping over of your webcam and microphone was brought into the public domain when Facebook Founder Mark Zuckerberg posted an image of himself and his own Macbook Webcam was clearly shown as having been taped up. If you’re worried about the cosmetics of doing this, then take a look online and you’ll fins hundreds of webcam covers available at very affordable prices.
*Don’t open any attachments that may be linked to the emails under any circumstances. You may have panicked when you first saw this email, but remaining rational and not making foolish mistakes from the offset will be very beneficial. If you feel better retaining the evidence of the email, then that’s fine, particularly if the extortion differs from the type of scam we are discussing here. If the email address is not your own email, then block the sender straight away.
If you search the internet for this very subject, you will find numerous examples posted in comment sections by victims, targets and worried business owners and staff. We’ve left the comments section open, so please feel free to document your experiences and offer advice as to how you dealt with this type of Scam.
If you are based in the UK, the Action Fraud website will offer further assistance on this subject.