Sextortion – the Latest Phishing Scam Blackmailing Users

In Information Security, Malware, News, Phishing, by Joseph Gutwirth


Over the past several weeks a new phishing scam has been circulating in which a user receives an email showing that the hacker has their password and claiming to have a video of them visiting a porn website. The email claims that your webcam was compromised, that you were recorded during your visit to a porn site, and that the email addresses of your friends, family, and so on have also been obtained. It goes on to say that if you don’t send a payment via bitcoin within 24 hours, they will send a dual-screen video, showing your recording alongside the recording of the porn site you were visiting, to all your email contacts. They also claim that the email you just received has a tracking pixel in it that lets them know you’ve read it.

Here’s the scoop on this scam. Yes, your password was truly hacked – most probably obtained from one of the many compromised websites (Yahoo!, Experian, Under Armour, Target, eBay, etc.). You may find that the password quoted in the email you received from the hacker is one of your old passwords, or it could even be a password you currently use.

From the forensics we’ve seen on examples of this phishing email, there is no tracking pixel located within the file, so the hacker will not be notified if and when you open the email. Also, the email originates from a Microsoft web-based email solution, meaning that the hacker is connecting to a free email service using their web browser and not from their own email client or mail server. Microsoft has been alerted to the scam, but the same process could be carried out from any web-based mail service. An email service provider can still identify the IP and potentially the location of someone connecting to it, but the sender can obfuscate this by spoofing their IP or using proxied connections.
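One way to run the two checks described above on a saved copy of a message, as an added example (not the author's tooling): it lists remotely loaded images that could act as a tracking pixel and reads the relay addresses from the `Received` headers. The sample messages, hostnames and addresses are constructed.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser


class ImgCollector(HTMLParser):
    """Collects <img> tags whose src is fetched from a remote server."""

    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        if tag == "img" and re.match(r"(?i)(https?:)?//", src):
            style = a.get("style", "").replace(" ", "").lower()
            tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
            hidden = "display:none" in style or "visibility:hidden" in style
            self.remote.append({"src": src, "pixel_like": tiny or hidden})


def remote_images(msg):
    """Return every remotely loaded image in the HTML parts of a message."""
    collector = ImgCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_content())
    return collector.remote


def relay_path(msg):
    """Return the IPs named in Received headers, earliest hop first."""
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        hops += re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", header)
    return hops


# Constructed samples: a plain-text message like the scam, and one with a pixel.
SCAM = message_from_string(
    "Received: from mail.example.net ([198.51.100.7]) by mx.example.org\n"
    "Received: from webmail.example.com ([192.0.2.10]) by mail.example.net\n"
    "Subject: test\nContent-Type: text/plain\n\nI do know your pass word.\n",
    policy=policy.default)
TRACKED = message_from_string(
    "Subject: test\nContent-Type: text/html\n\n"
    '<p>Hi</p><img src="https://t.example.com/o.gif?id=42" width="1" height="1">\n',
    policy=policy.default)
```

Only the `Received` lines added by your own mail provider are trustworthy; earlier hops are written by the sending side and can be forged.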

Do not pay the ransom

This is a mass phishing scam and a scare tactic attempting to get you to send a ransom payment via an untraceable bitcoin payment. Yes, it’s always possible to have your webcam compromised and to record you without your knowledge, even disabling your webcam’s green light (https://www.washingtonpost.com/news/the-switch/wp/2013/12/18/research-shows-how-macbook-webcams-can-spy-on-their-users-without-warning), but this particular scam is just a mass campaign to get as many people as possible to send the hackers money.

Here’s what the phishing email looks like (including spelling & grammatical errors)

“I do know, <your password>, is your pass word. You may not know me and you’re most likely wondering why you’re getting this e mail, right?

actually, I placed a malware on the adult vids (sexually graphic) web site and do you know what, you visited this web site to experience fun (you know what I mean). While you were watching video clips, your internet browser began working as a RDP (Remote control Desktop) having a keylogger which gave me access to your screen as well as web cam. Immediately after that, my software gathered every one of your contacts from your Messenger, Facebook, and email.

What did I do?

I made a double-screen video. First part displays the video you were viewing (you’ve got a nice taste hahah), and second part displays the recording of your webcam.

exactly what should you do?

Well, I believe, $2900 is a reasonable price for our little secret. You will make the payment via Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

BTC Address: <hacker’s bitcoin account>

(It is cAsE sensitive, so copy and paste it)

Important:

You have one day in order to make the payment. (I’ve a special pixel within this e-mail, and at this moment I know that you have read through this email message). If I don’t receive the BitCoins, I will definately send out your video recording to all of your contacts including family members, co-workers, and many others. Having said that, if I do get paid, I’ll erase the video immidiately. If you want evidence, reply with “Yes!” and I definitely will send your video recording to your 8 friends. It’s a non-negotiable offer, and thus do not waste my personal time and yours by responding to this message.”

What you can do to protect yourself

  1. Get a security screen for your web camera. A security screen is a small sliding adhesive cover that fits over your webcam that you can slide to cover or open your webcam. Simply open the slider when you are using your webcam and close it when you aren’t. Yes, this is grandpa’s technology solution, but it works.
  2. Use strong passwords. Don’t use simple or common terms for your login credentials. Using your name, a variation of your name, your social security number, your children’s names, address, etc. is asking for trouble. Get a good password management application and let it generate longer, more complex passwords for you. This helps you avoid the common terms that password-cracking applications keep in their databases and that are easy to crack.
    1. Use unique passwords. Many people tend to use the same password or the same group of passwords for login credentials across a variety of websites. When one site is compromised chances are good that hackers have access to multiple websites. Using a password generating and management application will help solve this by choosing a unique password for each login credential for each site. This is a bit of a hassle, but it’s worth protecting yourself from getting compromised. Also, many good password management applications have the ability to quickly or automatically enter your username and password.
  3. Use the latest updated antivirus and anti-malware solutions. There are many great products, some of which can keep you insulated from this particular scam and similar scams. Software is only as good as the latest update, so be sure to have your software automatically update or manually do an update to ensure that you have their most recent virus definitions and bug-fixes.
  4. Don’t do something you shouldn’t do. If something you are doing on your computer feels wrong to you, then it’s probably wrong and not worth doing. Visiting sites that can be problematic can bring problems. While you can protect yourself with the latest antivirus and anti-malware software, things can still go wrong. Be smart with how you conduct yourself online.

Are you experiencing a security compromise you need help with? Contact Us – We’ll be happy to help.
