Alternative IT Solutions Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you claiming to have gained access to your passwords and to have run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password most likely comes from lists circulating on the dark web, stolen over the years from online businesses and services that were hacked). Then the scammer claims they’ve been watching what you do on your computer and recording your webcam, and that they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us.

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.
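As an added example (not part of the original post), here is a heuristic sketch in Python that flags messages following this pattern. The indicator names, the regexes and both sample messages are constructed assumptions, and the Bitcoin address is a made-up placeholder that only matches the address format.

```python
import re

# Indicators taken from the pattern in the quoted email; names and regexes are assumptions.
INDICATORS = {
    "bitcoin_payment": re.compile(r"\bbitcoin\b|\bBTC\b", re.I),
    "recording_claim": re.compile(r"\b(webcam|keylogger|split-screen|recorded)\b", re.I),
    "deadline": re.compile(r"\b\d{1,3}\s*(hours?|hrs?|days?)\b", re.I),
    "exposure_threat": re.compile(
        r"\b(send|share|forward)\b.{0,60}\b(contacts|friends|relatives|coworkers)\b",
        re.I | re.S),
    "money_demand": re.compile(r"[$€£]\s?\d{3,5}\b"),
    "tracking_pixel_claim": re.compile(r"\bpixel\b", re.I),
}
# Legacy (base58) and bech32 address shapes; a format check only, no checksum validation.
BTC_ADDRESS = re.compile(
    r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[ac-hj-np-z02-9]{11,71})\b")
# A single keyword is common in legitimate mail, so flag only when a payment
# demand, an exposure threat and a surveillance claim all appear together.
REQUIRED = {"bitcoin_payment", "exposure_threat", "recording_claim"}

def score_email(body: str) -> dict:
    """Return matched indicators, any wallet addresses, and the final verdict."""
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
    addresses = BTC_ADDRESS.findall(body)
    if addresses:
        hits.append("bitcoin_address")
    return {"hits": hits, "addresses": addresses, "flag": REQUIRED.issubset(hits)}

# Constructed sample: a condensed paraphrase of the email quoted in this post.
SCAM_SAMPLE = (
    "While you were watching the video, your web browser acted as a keylogger "
    "which gave me access to your display screen and webcam. I made a "
    "split-screen video. I believe $1400 is a fair price. You'll make the "
    "payment via Bitcoin to this address: 1FakeAddrForTestingPurposesXyz12. "
    "You have 24 hours to make the payment. I have a unique pixel within this "
    "email. If I don't get the payment, I will send your video to all of your "
    "contacts including relatives and coworkers."
)
# Constructed benign sample that shares several keywords but makes no ransom demand.
BENIGN_SAMPLE = (
    "Your webcam order has shipped and should arrive within 2 days. "
    "Total charged: $129. Share your review with friends!"
)

if __name__ == "__main__":
    for label, text in (("scam", SCAM_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, score_email(text))
```

The benign sample matches four of the indicators on its own, which is why the verdict depends on the combination rather than on any single keyword.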

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but a criminal who actually means what they threaten could well carry out a scam like this for real. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lens covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at (0)20 8498 4300.
