[Scam Alert] 3 Common Types of Blackmail and Sextortion Scams — And How to Deal With Them.

Author: Trend Micro

December 17, 2021

This article is from Trend Micro.

What are “sextortion” email scams?

One example is the sextortion email scam, where an aspect of sexual content, emphasized by scammers as shameful, persuades you into doing their bidding — e.g., intimidating emails claiming that you have been observed doing something sensitive while watching pornographic videos.

There are also blackmail email scams, in which scammers claim that your corporate, personal or health information has been found leaked in a data breach. The sender threatens to send the pictures, videos or sensitive information to all of your contacts unless you pay them money. These scams are very common and continue to evolve.

3 sextortion explanations the scammer use (to explain how they have access to your camera and privacy):

  • They set up malware on porn website.
  • They penetrated with “zero-click” vulnerability on Pegasus or Zoom.
  • They got your email account, password from hackers.

The context of scam emails has the same pattern for some time, and usually the only thing that changes is the Bitcoin address where you can pay the amount demanded.

Sources: Security Boulevard

Check out this sample below:

Hello there!

Unfortunately, there are some bad news for you. Around several months ago I have obtained access to your devices that you were using to browse internet. Subsequently, I have proceeded with tracking down internet activities of yours.

Below, is the sequence of past events: In the past, I have bought access from hackers to numerous email accounts (today, that is a very straightforward task that can be done online).
Clearly, I have effortlessly logged in to email account of yours (your@email.com).

A week after that, I have managed to install Trojan virus to Operating Systems of all your devices that are used for email access. Actually, that was quite simple (because you were clicking the links in inbox emails). All smart things are quite straightforward. (>_<)

The software of mine allows me to access to all controllers in your devices, such as video camera, microphone and keyboard. I have managed to download all your personal data, as well as web browsing history and photos to my servers. I can access all messengers of yours, as well as emails, social networks, contacts list and even chat history. My virus unceasingly refreshes its signatures (since it is driver-based), and hereby stays invisible for your antivirus.

So, by now you should already understand the reason why I remained unnoticed until this very moment…

While collecting your information, I have found out that you are also a huge fan of websites for adults. You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun. I have recorded several kinky scenes of yours and montaged some videos, where you reach orgasms while passionately masturbating.

If you still doubt my serious intentions, it only takes couple mouse clicks to share your videos with your friends, relatives and even colleagues. It is also not a problem for me to allow those vids for access of public as well. I truly believe, you would not want this to occur, understanding how special are the videos you love watching, (you are clearly aware of that) all that stuff can result in a real disaster for you.

Let’s resolve it like this:
All you need is $1350 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all that kinky stuff without delay. ………..

Below is bitcoin wallet of mine: 1B5ic9iQpyafTEfWxHM4Xq6PkzbickrL8g

You are given not more than 48 hours after you have opened this email (2 days to be precise).

What should I do if I receive these emails?

  • DO NOT PAY THE RANSOM! And more importantly DO NOT REPLY, because sometimes a scammer will escalate if you reply. If they really had a video or picture of you they will at least show some proof like a screenshot. If they allege that they have your corporate, personal or health information they should have shown a sample of it as well.
  • Don’t open any attachments. Don’t take the chance, it might contain real malware.
  • Just in case they show you a password of yours, double check if it is an old password. Scammers buy dumps of old email accounts and passwords on the darknet that were disseminated in data leaks.
  • If they show you a password that you are currently using, change it. Never use that password again and it is recommended to use Two-Factor Authentication.
  • Sometimes the email will appear to be sent from your own email address as “proof” that they have hacked your computer and your email account, but this is only a trick called email spoofing. When your email address is spoofed, you can ask your ISP for help in filtering out emails that fail authentication.
  • You can report such emails to the FBI at https://www.ic3.gov/default.aspx.

Why Do Blackmail/Sextortion Emails work?

It is because of fear. People assume they will never be a victim but in reality, we are prone to phishing attacks. Well-fabricated explanations by a scammer will likely make the scam more credible. The fear will do the rest and with the addition of shame, people can make irrational decision.

Keep Calm & Carry On

It can be scary, but remember that these scam emails are designed to inject fear. If they really have what they are claiming they have, they will provide an accurate sample to you. It is either a screenshot of the video or a sample of personal/corporate information.

These scams are very common and continue to evolve. Tragically, sextortion email scams have led victims to suicide, including a case involving five separate men in the UK and one in the United States. These are just a few of these types of cases. If you’ve found this helpful, please do SHARE with family and friends and help protect them.

 

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the