Today, I have learnt a new English Word – Sextortion. Not that the issue was not seem before in the Internet Universe (the term has been introduced about 70 years ago), but just today coincidentally, several of my real and virtual friends reported their exposure to the new kind of scam.
What is Sextortion?
Based on Wikipedia, Sextortion is a form of sexual exploitation that employs non-physical forms of coercion to extort sexual favors from the victim. Sextortion refers to the broad category of sexual exploitation in which abuse of power is the means of coercion, as well as to the category of sexual exploitation in which threatened release of sexual images or information is the means of coercion.
Sextortion also refers to a form of blackmail in which sexual information or images are used to extort sexual favors from the victim. Social media and text messages are often the source of the sexual material and the threatened means of sharing it with others. An example of this type of sextortion is where people are extorted with a nude image of themselves they shared on the Internet through sexting. They are later coerced into performing sexual acts with the person doing the extorting or are coerced into posing or performing sexually on camera, thus producing hardcore pornography.
… yes, there is a difference between the classical scheme, and the one used to all as a scam. The scammers do not need any sexual favors. They need money, plain and simple.
And online scammers have been even more innovating of late. In the last month, one group of ne’er-do-wells has sent out spam emails telling recipients they’ve been caught watching porn through their webcam, and if they don’t pay, all their dirty laundry will be aired in public. That’s not new. But putting a novel twist on that scam, the crooks are sending through passwords they claim to have stolen as proof they have been spying on the victim. So far, more than 150 people have coughed up $250,000 in Bitcoin for fear of their private Web browsing habits being exposed.
I am aware one of your passphrase: password. Lets get directly to point. Not a single person has compensated me to investigate about you. You do not know me and you are probably wondering why you're getting this e mail?actually, I actually installed a software on the adult vids (sex sites) site and you know what, you visited this web site to have fun (you know what I mean). When you were viewing videos, your internet browser initiated working as a Remote control Desktop that has a key logger which provided me access to your display screen and also web cam. Right after that, my software program collected your complete contacts from your Messenger, FB, and email . After that I created a double-screen video. 1st part shows the video you were viewing (you've got a good taste haha . . .), and 2nd part shows the view of your webcam, and its u.
You do have only 2 alternatives. We are going to understand these types of choices in aspects:
1st solution is to disregard this message. In this case, I am going to send your actual video clip to just about all of your contacts and thus you can easily imagine about the disgrace you feel. Not to mention should you be in a relationship, just how it will eventually affect?
Number two choice will be to pay me $3000. We will think of it as a donation. As a consequence, I most certainly will without delay eliminate your videotape. You will keep going on your daily life like this never happened and you will not hear back again from me.
You'll make the payment through Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google).
Hi, victim. I write you because I put а malware on the web page with porn which you have visited. My virus grabbed all your personal info and turned on your сamеrа which сaрtured the рroсеss of your onаnism. Just after that the soft saved your соntaсt list. I will delete the compromising video and info if you pay me 999 USD in bitcoin. This is address for рaymеnt: 1K2jNTLdbHEwaALQWKMeGoKLWD67Cb6q8B.
I give you 30 hours after you ореn my message for making the transaction. As soon as you read the mеssаgе, I'll see it right away. It is not necessary to tell me that you have sent money to me. This address is соnneсtеd to you, my system will delete everything automatically after transfer соnfirmаtiоn. If you nееd 48 h just reply on this letter with +. You can visit the police station but nobody can help you. If you try to deceive me, I'll see it right away! I don’t live in your соuntry. So, they саn not track my lосаtiоn even for 9 months. Goodbye. Don’t forget аbоut the shame and to ignore, Your life can be ruined.
If you were more vigilant while playing with yourself, I wouldn't worry you. I don't think that playing with yourself is very bad, but when all colleagues, relatives and friends get video record of it- it is obviously for u.
I adjusted virus on a porn web-site which you have visited. When the victim press on a play button, device begins recording the screen and all cameras on your device starts working.
Moreover, my program makes a dedicated desktop supplied with key logger function from your device , so I could get all contacts from ya e-mail, messengers and other social networks. I've chosen this e-mail cuz It's your working address, so u should read it.
Ì think that 730 usd is pretty enough for this little false. I made a split screen vid (records from screen (u have interesting tastes) and camera ooooooh... it’s awful)
So its your choice, if u want me to erase this compromising evidence use my Bitcoin wallet address- 1JEjgJzaWAYYXsyVvU2kTTgvR9ENCAGJ35
You have one day after opening my message, I put the special tracking pixel in it, so when you will open it I will know. If ya want me to share proofs with ya, reply on this message and I will send my creation to five contacts that I've got from ur contacts.
P.S... You can try to complain to cops, but I don't think that they can solve ur problem, the investigation will last for several months- I'm from Estonia - so I dgf LOL
I know, password, is your pass word. You may not know me and you're most likely wondering why you are getting this e mail, correct?
In fact, I placed a malware on the adult vids (porn material) web-site and you know what, you visited this website to have fun (you know what I mean). While you were watching video clips, your internet browser initiated operating as a RDP (Remote Desktop) that has a keylogger which provided me access to your screen and also webcam. Immediately after that, my software program gathered your entire contacts from your Messenger, social networks, as well as email.
What did I do?
I made a double-screen video. 1st part shows the video you were watching (you have a good taste lmao), and 2nd part shows the recording of your webcam.
exactly what should you do?
Well, I believe, $2900 is a fair price for our little secret. You'll make the payment by Bitcoin (if you don't know this, search "how to buy bitcoin" in Google).
BTC Address: 1MQNUSnquwPM9eQgs7KtjDcQZBfaW7iVge
(It is cAsE sensitive, so copy and paste it)
You have one day in order to make the payment. (I have a specific pixel in this email message, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will definitely send out your video recording to all of your contacts including family members, coworkers, etc. However, if I do get paid, I'll destroy the video immediately. If you want to have evidence, reply with "Yes!" and I will certainly send out your video to your 14 contacts. This is the non-negotiable offer, so please don't waste my personal time and yours by responding to this email message.
You got one? What to do?
For most people, who got such letter, it is not fun. At least one my virtual friend got into serious medical condition due to the stressful situation, even thou he does not masturbate in front of his computer, and does not even have camera on his desktop. The mere idea of somebody getting your password and violating your virtual privacy might be painful to unbearable.
The first rule – do not panic. Most likely, they only have your old password, that’s it. They use the fear of the recipients to extort money, and if even one out of 10 victims will pay they already justify their time and efforts.
The second rule - do not pay the ransom. As said, this email still doesn't mean you've been hacked. The scammers in this case likely matched up a database of emails and stolen passwords and sent this scam out to potentially millions of people, hoping that enough of them would be worried enough and pay out that the scam would become profitable.
The third rule – do not respond to the email. With this type of scam, the perpetrator relies on the likelihood that a small number of people will respond out of a batch of potentially millions. Fundamentally this isn't that much different from the old Nigerian prince scam, just with a different hook. By default, they expect most people will not even open the email, let alone read it. But once they get a response—and a conversation is initiated—they will likely move into a more advanced stage of the scam. It’s better to not respond at all.
Prevention, prevention, prevention!
According to the FBI, here are some things you can do to avoid becoming a victim:
* Never send compromising images of yourself to anyone, no matter who they are — or who they say they are.
* Don’t open attachments from people you don’t know, and in general be wary of opening attachments even from those you do know.
* Turn off [and/or cover] any web cameras when you are not using them.
* Make sure to enable two-factor authentication whenever that is an option on your online accounts.
* If get affected, stop using the password, that the scammer used in the phishing email, immediately, and consider employing a password manager to keep your passwords strong and unique.
Sources and Additional Information: