by Paul Ducklin
Sophos News
We’ve seen a recent surge of concern about sextortion emails over the last few days.
A sextortion or porn scam email is where cybercriminals email you out of the blue to claim that they’ve implanted malware on your computer, and have therefore been able to keep tabs on your online activity.
The crooks go on to claim that they’ve taken screenshots of you looking at a porn site – along with video recorded from your webcam.
They say they’ve put the screenshots and the webcam footage side-by-side to create an embarrassing video that they’re going to send to your friends and family
…unless you pay them blackmail money, usually somewhere from $1,500 to $4,000, paid in bitcoins to a BTC address that the crooks provide in the email.
Here is a copy of one such email. Notice all the spelling mistakes? The person who received the email does not own a personal computer with a webcam!
I know, [REDACTED], is your pass word.
I require your 100% attention for the up coming Twenty-four hrs, or I may make sure you that you live out of guilt for the rest of your life span.
Hello there, you don’t know me. But I know just about everything about you. Your personal fb contact list, phone contacts as well as all the digital activity in your computer from past 123 days.
Consisting of, your masturbation video, which brings me to the primary motive why I am crafting this specific e-mail to you.
Well the last time you visited the porn material web sites, my malware was triggered inside your personal computer which ended up recording a beautiful video of your masturbation act by activating your cam.
(you got a exceptionally unusual preference btw lmfao)
I own the whole recording. In the case you feel I ‘m fooling around, just reply proof and I will be forwarding the recording randomly to 9 people you know.
It may be your friend, co workers, boss, mother and father (I’m not sure! My system will randomly select the contacts).
Will you be able to look into anyone’s eyes again after it? I doubt it…
However, doesn’t necessarily have to be that path.
I’m going to make you a 1 time, non negotiable offer.
Get $ 2000 in bitcoin and send them on the below address:
bc1***qjlpdcnjnl83q9erh0ldn42v0tk7dad65uq5m7a
[case sensitive copy & paste it, and remove *** from it]
(If you don’t understand how, lookup how to purchase bitcoin. Do not waste my valuable time)
If you send this particular ‘donation’ (let’s call this that?). Immediately after that, I will go away for good and under no circumstances contact you again. I will delete everything I’ve got in relation to you. You may very well keep on living your current regular day to day lifestyle with absolutely no concerns.
You’ve got 1 day to do so. Your time starts off as soon you read through this e-mail. I have got an special code that will alert me once you read this e-mail so do not attempt to play smart.
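For anyone running a mail filter, the traits visible in the email above (a password claim, a malware and webcam story, a deadline, a dollar demand in bitcoin, and a payment address broken up with `***`) can be scored mechanically. The Python below is an added example, not part of the original article; the indicator weights, the threshold, the function names and both sample messages are constructed assumptions.

```python
import re

# Bech32 data characters (BIP-173); a SegWit address is "bc1" followed by these.
BECH32 = "qpzry9x8gf2tvdw0s3jhn54khce6mua7l"
# "bc1", then optional non-alphanumeric filler (e.g. "***"), then the data part.
OBFUSCATED_BTC = re.compile(r"\bbc1([^A-Za-z0-9\s]{1,5})?([%s]{11,71})\b" % BECH32)

# Traits taken from the email quoted above; weights are illustrative assumptions.
INDICATORS = {
    "password_claim": (re.compile(r"is your pass\s?word", re.I), 2),
    "recording_claim": (re.compile(r"\b(web)?cam\b|\brecording\b", re.I), 2),
    "malware_claim": (re.compile(r"\bmy malware\b", re.I), 2),
    "deadline": (re.compile(r"\b(1 day|24 ?h(ou)?rs|twenty-four hrs)\b", re.I), 1),
    "bitcoin_demand": (re.compile(r"\$\s?\d[\d,]*\s+in bitcoin", re.I), 2),
}
FLAG_THRESHOLD = 6  # assumed cut-off, tune against your own mail

# Constructed samples; the address strings are made up and not valid addresses.
SAMPLE_SCAM = (
    "I know, [REDACTED], is your pass word. My malware recorded you by "
    "activating your cam.\nYou've got 1 day. Get $ 2000 in bitcoin and send "
    "them on the below address:\nbc1***qpzry9x8gf2tvdw0s3jhn54khce6mua7lqpzry9x8\n"
)
SAMPLE_BENIGN = ("Your invoice is attached. Donations in bitcoin are accepted "
                 "at bc1qpzry9x8gf2tvdw0s3jhn54khce6mua7lqpzry9x8.")

def find_btc_addresses(body):
    """Return (address_with_filler_removed, was_obfuscated) for each match."""
    return [("bc1" + m.group(2), m.group(1) is not None)
            for m in OBFUSCATED_BTC.finditer(body)]

def score_email(body):
    """Return (score, sorted list of indicator names that fired)."""
    hits = [name for name, (rx, _) in INDICATORS.items() if rx.search(body)]
    score = sum(INDICATORS[name][1] for name in hits)
    for _, obfuscated in find_btc_addresses(body):
        # A payment address split up to dodge filters is a strong signal.
        hits.append("obfuscated_btc" if obfuscated else "btc_address")
        score += 3 if obfuscated else 1
    return score, sorted(set(hits))

def is_sextortion(body):
    return score_email(body)[0] >= FLAG_THRESHOLD
```

A plain, unbroken address on its own scores only 1, so ordinary mail that mentions a bitcoin address stays below the threshold.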
What to do
These emails are scams, and are just a pack of lies to frighten you into sending money. Do not send any money.
Our advice is simply to “delete the email and move on.” If any of your accounts are using the password, change it on those accounts and enable two-factor authentication. You can check whether your email address has been exposed by websites that have had data breaches by entering your email at www.haveibeenpwned.com. If your email appears on breached sites, change your password immediately. Read some tips on making a secure password.
Don’t click on any links. The links could lead to you downloading a virus or malware onto your computer.
There’s something deeply unsettling about receiving threats to spread terrible stories about you – even if you never watch porn and know perfectly well that the threats are fake news, who knows how other people might react to falsehoods if they’re told a believable and salacious story about you?
What if the crooks don’t have the porn video but they do have malware on your computer?
Let us help set your mind at ease and do a complete malware/virus removal.