Catch Of The Week: Sextortion Scams Are Back

Los Alamos 

Everybody has been home more than usual lately, and we’re all getting a little stir crazy; so are the cybercriminals.

The tired old “sextortion” email scam is once again making the rounds. 

In the latest round of sextortion emails, the cybercriminal claims they have “implanted malware” on your computer, and oh no – they caught you watching porn. Not only did they catch you, but they also got the screenshots of it, and they will send them to everyone in your contacts unless you pay them a fee in bitcoins.

These emails are scams. The senders do not have any screenshots or footage of you watching porn; it’s just another low-sophistication phishing scam.

They may also provide “proof” that they got you, by giving a password that you may have used at some point. You may indeed recognize this password, but unless you haven’t changed your password in years, it’s probably fine. 

Passwords linked to email addresses are often dumped on the web after data breaches; it’s trivial to search and find password/email combinations online that have been breached. This is yet another reason not to reuse passwords across different sites and to change your passwords after any possible data breaches.

Law enforcement officials across the country have been warning users about these emails. They are scams, and they use fear to frighten you into sending them money. Don’t get scared – do not reply to the email, just delete it, and use good password hygiene:

  • Don’t reuse passwords;
  • Change your passwords for affected accounts after a data breach;
  • Use a password manager (LastPass, Dashlane, etc.); and
  • Use complex, hard to break passwords.

According to reports from Forbes, these scams are raking in $100,000 a month. These scams go after “low hanging fruit” by sending out tons of emails using botnets. Botnets are hacked computers that are controlled by cybercriminals and used for spam email campaigns, distributed denial-of-service (DDoS) attacks, etc. If you cast your lure out often enough, eventually you will catch something; it’s a numbers game.

While most email services will be able to filter these out, some scammers are more sophisticated. Sophos security has seen numerous campaigns where cybercriminals use obfuscation techniques to slide past spam filters. These techniques include hiding text in images, breaking up the words with invisible strings, using encoded non-ASCII characters that look similar to “regular” letters, using hidden white garbage text to break up the message, and concealing the text in HTML style tags outside the message body.
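Two of these tricks, look-alike non-ASCII letters and invisible characters inside words, can be checked for directly. The following Python sketch is an added example, not code from Sophos or from this column; the character lists, the sample message and the "suspicious" threshold are constructed assumptions.

```python
import unicodedata

# Invisible code points often used to split keywords (assumed, not exhaustive)
INVISIBLE = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff", "\u00ad"}
# Small constructed map of Cyrillic letters that render like Latin ones
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i"}

def script_of(ch):
    """Coarse script label taken from the Unicode character name."""
    if not ch.isalpha():
        return None
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "OTHER"

def strip_invisible(text):
    return "".join(ch for ch in text if ch not in INVISIBLE)

def mixed_script_words(text):
    """Words mixing scripts (e.g. Latin + Cyrillic) are rare in honest mail;
    words written entirely in one script are left alone."""
    hits = []
    for word in strip_invisible(text).split():
        scripts = {script_of(ch) for ch in word} - {None}
        if len(scripts) > 1:
            hits.append(word)
    return hits

def analyze(text):
    """Count obfuscation signals and return a normalized copy for filtering."""
    invisible = sum(ch in INVISIBLE for ch in text)
    mixed = mixed_script_words(text)
    normalized = "".join(CONFUSABLES.get(c, c) for c in strip_invisible(text))
    return {"invisible_chars": invisible,
            "mixed_script_words": mixed,
            "normalized": normalized,
            # Threshold is an assumption: any invisible char or 2+ mixed words
            "suspicious": invisible > 0 or len(mixed) >= 2}

# Constructed sample: Cyrillic look-alikes plus a zero-width space in "bitcoin"
SAMPLE = ("I put \u0430 m\u0430lw\u0430re on y\u043eur "
          "\u0441omput\u0435r, p\u0430y in bit\u200bcoin")

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value!r}")
```

Running keyword or reputation checks on the `normalized` text rather than the raw body is what defeats the obfuscation; the per-word script check avoids flagging mail that is legitimately written in a non-Latin alphabet.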

Here is an example of a scam email, from the Electronic Frontier Foundation:

Hi, victim.I write yоu becаusе I put а mаlware оn the wеb раge with porn whiсh yоu hаve visitеd.My virus grаbbed all your рersonal infо аnd turnеd on yоur сamеrа which сaрtured the рroсеss оf your onаnism. Just aftеr that the soft savеd yоur соntaсt list.I will dеlеte thе сompromising video and infо if you pаy me 999 USD in bitcoin. This is address fоr рaymеnt :

And another example scam email:

I know, password, is your pass word. You may not know me and you’re most likely wondering why you are getting this e mail, correct?
In fact, I placed a malware on the adult vids (porn material) web-site and you know what, you visited this website to have fun (you know what I mean). While you were watching video clips, your internet browser initiated operating as a RDP (Remote Desktop) that has a keylogger which provided me access to your screen and also webcam. Immediately after that, my software program gathered your entire contacts from your Messenger, social networks, as well as email.

The key here is not to panic. It’s just a scam, one that is hitting millions of other people; delete it, and move on. Stay safe, and don’t fall for a phish!

Editor’s note: Becky Rutherford works in information technology at Los Alamos National Laboratory.