Sextortion Email Scam

John Grennan
Share on facebook
Share on twitter
Share on linkedin

Sextortion Email Scam

Sextortion email scams have been doing the rounds for a couple of years now. Lately however, we’ve noticed an increase in the frequency of the attacks here in Ireland and several of our clients have contacted us seeking advise on how to deal with this.

 

The goal of this scam is to persuade you, by way of threat, to part with funds by making payment to the scammers in Bitcoin. What makes this scam even more convincing is that the email you receive will likely show an actual password you have previously used or possibly still use and that was harvested from one of several high-profile data breaches over the last several years.  

If you want to check if your email address has been compromised in the past I suggest you visit https://haveibeenpwned.com.

The following is an example of a typical sextortion email.

“I’m aware that <an actual password you have previously used or still use> is your password,” 

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).

BTC  Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72
(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I do get paid, I will erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.

What should you do?

Ignore the email. That’s all you really need to do and do not respond to the scammer. They don’t have any embarrassing videos or images they claim to have. If you are still using the password shown in the email, then obviously change it immediately on any accounts it is associates with.  

If you are concerned or just have a question, please don’t hesitate to email us at hello@it,ie and we’ll be happy to advise.  For advise on how to keep your passwords safe, please visit https://it.ie/keep-passwords-secure/

IT.ie – Together we can beat cybercrime.