Over the last year I have had a number of ‘sextortion scams’ land in my inbox. I wrote about one sextortion scam in December 2018, in fact.
Sextortion scams are becoming very common. According to the latest research, one in ten phishing emails are sextortion based. Sextortionists are a nasty lot. They prey on people’s feelings of embarrassment and even shame. This week’s scam of the week is a twist on the typical sextortion email.
This Scam and That Scam – Comparison Between Two Sextortion Scam Emails
In previous sextortion scams, the email was very obviously a scam. If you check out the image below you can see it has typical warning signs of a scam email.
A typical sextortion email contains:
- The salutation was to my email address and NOT my actual name (a demonstration of the automated nature of the email)
- There was a ransom demand in bitcoin
- I was given 72 hours to pay up or else the ‘video’ that was taken of me in a compromising position would be distributed to my friends and family
This latest sextortion scam has similar threats and demands:
- There is a demand for payment in bitcoin
- There is a threat to distribute a compromising video if you don’t pay up
What is different about this scam is that it has a password in the body text of the email.
What’s more, this password is a real password that you have used in the past. This is a new(ish) tactic by the cybercriminals behind such scams, although password sextortion scams have been doing the rounds for several months.
Placing a real password in the body of email content gives the scammer’s claim weight. This adds to the alarm on reading the email. This then leads to a higher likelihood of a successful ransom payment.
Cybercriminals are masters of behaviour manipulation and this is just another crafty trick.
How Did They Get Hold of Your Password?
Passwords are often stolen along with other data when a breach happens. Also, previous successful phishing emails may have stolen your password. Hopefully, by the time you receive a sextortion scam (password version), you will have changed any known compromised passwords.
If you want to check out if any of your passwords have been stolen, use Troy Hunt’s password checking tool:
Then, enter any of your current passwords and click submit. The tool checks through 551,509,767 known stolen passwords to see if your password is on the list. If it is, change your password to something robust.
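The tool works without ever receiving your password: the client hashes it with SHA-1, sends only the first five hex characters of the hash, and gets back every suffix in the corpus sharing that prefix, which it then scans locally. The following is an added example of that check, not code from the original post or from Troy Hunt’s service; the `SAMPLE_RANGE_RESPONSE` and its counts are constructed so the example runs offline, and `fetch_range` is the only part that talks to the real API.

```python
import hashlib
import urllib.request

# Constructed sample of a Pwned Passwords range response for prefix "5BAA6"
# (the prefix of SHA-1("password")). The counts are made up for this example.
SAMPLE_RANGE_RESPONSE = (
    "1E2DC9DF5F6CA6A5DD8B5A09E0A6D2F1ABC:7\r\n"
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:1234\r\n"
    "2C9D3A8F0E4B7A1C6D5E9F0B3A2C1D4E5F6:2\r\n"
)

def split_sha1(password: str):
    """Return (prefix, suffix) of the upper-case hex SHA-1 of the password.
    Only the five-character prefix ever leaves the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def count_in_range(suffix: str, range_body: str) -> int:
    """Scan a 'SUFFIX:COUNT' range body for our suffix; 0 means not found."""
    for line in range_body.splitlines():
        line = line.strip()
        if not line:
            continue
        candidate, _, count = line.partition(":")
        if candidate == suffix:
            return int(count)
    return 0

def fetch_range(prefix: str) -> str:
    """Live lookup (network required): GET the range for a 5-char prefix."""
    url = f"https://api.pwnedpasswords.com/range/{prefix}"
    req = urllib.request.Request(url, headers={"User-Agent": "pwned-check-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")

def breach_count(password: str, fetch=fetch_range) -> int:
    """How many times the password appears in the corpus; 0 if never seen."""
    prefix, suffix = split_sha1(password)
    return count_in_range(suffix, fetch(prefix))

if __name__ == "__main__":
    # Offline demonstration using the constructed sample instead of the API.
    print(breach_count("password", fetch=lambda _prefix: SAMPLE_RANGE_RESPONSE))
```

Any non-zero count means the password is already in the hands of attackers and should be changed everywhere it was used, regardless of whether a sextortion email has arrived yet.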
You may think that scam emails like this are never going to work, but it only takes one or two people to fall for the trick and the scammers make money. Because of this fact, we will continue to get scams in our inboxes. And you can bet the tricks they use to manipulate us, to click on links, download infected attachments or hand over our hard-earned cash, will become more sophisticated.
Be warned: This sextortion scam also has other variants. In one, instead of a password being displayed in the email, the last four digits of your phone number are used. Again, this is possible because your phone number will have been included in a data breach.
If you get an email that you believe to be a sextortion scam, delete it. The scammers are blackmailers, out to trick you.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
The Sextortion Password Scam
An email may drop into your inbox that states the sender has infected your PC with malware which has videoed you using a porn website. The email will contain a password that you recognise – the password is from a data breach and is real. However, the scammer behind the email is a blackmailer trying to trick you into paying a ransom.
Ignore this email, delete it, and make sure if you haven’t done so already, you change the password.
Don’t forget to share this with your colleagues and friends and help them stay safe.