A new sextortion scheme has been found preying on victims’ fears through social engineering, and follows in the footsteps of recent sextortion schemes demanding payment in bitcoin. Security researchers at Mimecast observed the scheme during the first week of the year. The scheme reportedly sent a total of 1,687 emails on Jan. 2 and 3, mostly to U.S. email account holders.
At first glance, the scheme is nothing new compared to other sextortion schemes seen through the years. It poses a similar threat: Pay up, or the threat actors will publicly expose your nude videos in an adult website.
Unlike with other sextortion schemes that involve the victim’s use of webcams in certain websites and applications, the actors behind this operation claim to have infected the victim’s cellphone with malware that is capable of spreading to nearby devices with cameras.
In Big Brother-esque fashion, the scammers claim to have access to footage from the victim’s own phone and both home and public security cameras, and that they have been monitoring the recipient’s activities for the past 11 months. The fraudsters even go as far as claiming that they can locate the victim’s exact location by triangulating the signal from the owner’s cell phone. They then threaten to expose the recorded video on porn websites.
Even without any indication that they actually have any of the said footage (or that they can actually follow through with their threats), the growing concerns on the privacy of security cameras help make the scheme seem more credible.
How the scheme works
Here’s how the extortion scheme works, from the first email sent up to the revelation of the demand.
- The victim receives an email informing them that the hackers have their nude footage. The email contains a username and password, and instructs the victim to log in to an email account using these credentials.
- Upon logging in, the victim will find an email containing a link leading to a page that shows what appears to be three live feeds: two from cameras in public spaces, and one that is supposedly from the victim’s phone but instead shows a static screen and the text “Connection Lost”.
- The page will then show a ransom note explaining the details of the virus and the aforementioned extortion threat. The ransom note also instructs the recipient to send a message to the provided email address.
- After sending the email, the victim will receive an email with another set of credentials, and will be instructed to log in to another email account.
- In this email account, the victim will find a message that finally discloses the extortion demand and payment instructions. The scammers demand a payment of €500 in bitcoin, or gift cards worth US$600. Another version of the email states the sum of €800 or US$800 in either bitcoin or gift cards, to be paid within four days.
Defense against online extortion schemes
Online extortion schemes are always evolving, and it pays to know how to thwart them. When faced with extortion threats, it’s important not to panic, as letting fear take over will only make you more susceptible to caving in to the hacker’s demands. Never respond to the email or give in to the threats.
Below are some ways to avoid online extortion threats:
- Store personal data on secure platforms.
- Don’t click on URLs or open attachments from unknown sources. If the email claims to come from a brand or company you know, verify or contact them through the phone numbers or email addresses listed on their official website to confirm if the email truly came from them.
- Use strong passwords for online accounts and change them regularly.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2
- The Linux Threat Landscape Report