It’s a new twist on an old email scam that is proving to catch some people off-guard. The recipient receives an email from an attacker who claims to have hacked your computer and webcam in order to make a video of you while watching porn. The hacker threatens to release the video to all of your contacts unless you pay a bitcoin ransom. The difference with this newest scam attempt is that it involves a former password for the recipient’s email.
The basics of this scam have been around for ages. Before now, only the bitcoin address or amount had changed. This one, however, is different. The opening barrage states-
“I’m aware that <substitute password formerly used by recipient here> is your password,” reads the salutation.”
The rest is somewhat uninspired:
“You don’t know me and you’re thinking why you received this email, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do?
I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do?
Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT
(It is cAsE sensitive, so copy and paste it)
You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”
The Miller Group has received a number of calls and emails alerting us to this scam in recent weeks. The clients have verified that the referenced password is one that they had used in the past although most seem to be from many years ago and likely not on the computer that they currently use.
It seems the hacker(s) have automated this scam from a previous large-scale website data breach many years ago. Likely, every victim of that old data breach is receiving some type of email related to this scam referencing old usernames and passwords. As time goes, we will see how much more sophisticated the scam gets; possibly using other personal information that is found online like addresses or relationships to convince someone that the threat is real.
Sextortion is illegal. Even scams like this one with no actual leverage are serious and should be reported to the police. According to the FBI, here are a few things you can do to avoid becoming a victim of sextortion.
- Change your passwords regularly and make sure they are strong.
- Never send compromising images to anyone, no matter who they are or say they are.
- Don’t open attachments from people you don’t know and be wary in general of attachments even from those you know.
- Turn off all cameras when not in use.
If you have questions about this latest scam or would like more information on how we secure your data and devices, please give us a call at 314-822-8090 or email firstname.lastname@example.org. Visit here for more cybersecurity information too.