New type of sextortion scam: watch out
Updated at: Oct 01, 2019
Imagine that you receive an email saying that your device's camera has been hacked and you need to pay a ransom so that compromising pictures are not posted on social networks and sent to your friends list.
You could say that's an old one, not a new scam: it is a sextortion fraud. Yes, it is, but how would you react if the fraudsters opened the email by showing you a real password? One of the many passwords you use or have used in the past.
What is the ransom amount? A few thousand dollars.
I know that some people would freak out!
This new type of sextortion scam was disclosed on the KrebsOnSecurity blog. Take a look at what the fraud looks like:
"I do know, [YOUR PASSWORD], is your password. You do not know me and you are probably thinking why you are getting this email, correct?
actually, I placed a malware on the adult videos (pornography) website and do you know what, you visited this web site to experience fun (you know what I mean). While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop) that has a key logger which gave me accessibility to your display and also webcam. after that, my software program obtained all your contacts from your Messenger, Facebook, as well as email.
What exactly did I do?
I made a double-screen video. First part displays the video you were viewing (you've got a nice taste haha), and second part shows the recording of your webcam.
exactly what should you do?
Well, I believe, $2900 is a reasonable price tag for our little secret. You'll make the payment via Bitcoin (if you don't know this, search "how to buy bitcoin" in Google).
BTC Address: 19ZFj3nLSJCgoAcvZSgxs6fWoEmvJhfKkY
(It is cAsE sensitive, so copy and paste it)
You have one day to make the payment. (I've a unique pixel within this email message, and now I know that you have read this e mail). If I do not get the BitCoins, I will definitely send out your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive the payment, I'll erase the video immediately. If you want evidence, reply with "Yes!" and I will send your video to your 9 friends. It is a non-negotiable offer that being said do not waste my time and yours by replying to this email."
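According to the blog, the fraud is almost entirely automated and hits recipients at random: the emails are filled in with usernames and passwords taken from a data breach at a popular website. The password shown in the message therefore comes from that breach, not from access to your device.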
Our first tip for situations like this is:
- Do not pay the ransom. You should seek help from experts in digital security.
Other tips are:
- Pay attention to file downloads and attachments;
- Check the spelling of email addresses, names and signatures;
- If you have a business, train your team to recognize frauds.