Sextortion Email Scam
Updated July 22 – Sextortion email scams have been around for quite some time and every now and then a new wave will target the inboxes of unsuspecting victims. This once again appears to be the case and we have noticed an increase in requests for advice on how to handle this.
The goal of this scam is to persuade you, by way of threat to part with funds by making payment to the scammers, usually in cryptocurrency. What makes this scam even more convincing is that the scammers may have an actual password you have previously used or possibly still use and that was harvested from one of several high-profile data breaches over the past several years. This is not uncommon, and I suggest you go to this website https://haveibeenpwned.com. and check if any of your email addresses have been compromised. Don’t be surprised if at least one has; over 3 billion email addresses have been compromised over the past several years.
The following is an example of a typical sextortion email from July 2022
Hi. How are you?
I know, it’s unpleasant to start the conversation with bad news, but I have no choice. A few months ago, I have gained access to your devices that used by you for internet browsing. Afterwards, I could track down all your internet activities.
Here is the history of how it could become possible:
At first, I purchased from hackers the access to multiple email accounts (nowadays, it is a really simple thing to do online). As result, I could easily log in to your email account (They will use an email address here that you recognise and may even display an old password that may or may not be still in use)
One week later, I installed Trojan virus in Operating Systems of all devices of yours, which you use to open email. Frankly speaking, it was rather straightforward (since you were opening the links from your inbox emails). Everything ingenious is quite simple.
My software enables me with access to all controllers inside devices of yours, like microphone, keyboard and video camera. I could easily download to my servers all your private info, including the history of web browsing and photos. I can effortlessly gain access to all your messengers, social networks accounts, emails, contact list as well as chat history.
The email you receive will be quite a bit longer than the partial one I’ve shared here with similar poor grammar. It goes on to say that they have video evidence of you engaging with content on adult-themed websites and threatening to release the video to your colleagues, family or the wider public if you don’t make a payment in cryptocurrency within the next 48 hours. The email also warns you not to inform the authorities or they will make the video public, straight away.
At the very end of the email, they go as far as to make the very helpful suggestion that you should change all your passwords to prevent future compromise.
What should you do?
- Do not respond to the sender.
- Do not make any form of payment
- Inform your IT Department or IT Service Provider
- Ensure that Multi-Factor Authentication (MFA) is enabled on all services that require login.
If you have already made a payment, you should immediately cease communications with the sender and inform the authorities in your region.
If you are concerned or just have a question, please don’t hesitate to email us at hello@it,ie and we’ll be happy to advise.
IT.ie – Together we can beat cybercrime.