The evolution of cyber scams
Some cyber scams are quite simple, preying on people’s generosity or their greed. You might receive an email from a foreign prince, who claims he needs to get money out of his country and all he needs is your bank details and he will transfer thousands into your account. Other scams will start a correspondence with you, then after a while contact you claiming some disaster has befallen them and asking you to send some money. Then there are the more complex scams that actually involve hacking into your account to get access to your details. Recently hacked passwords have been sent to their original user as evidence that their computers have been compromised and then used to blackmail the user.
What is sextortion?
Sextortion can mean using non-physical means of extorting sexual favours from the victim. In this context, however, it means blackmailing people with sexual information or pictures. Scammers will email you with your own password – this shows that they have access to your computer and can immediately make you feel vulnerable. They then claim that they have accessed sexual information or images of you; often they will claim that they have accessed your webcam and have videos of you watching adult material. They will then demand that you pay them a sum of money, often in bitcoin, otherwise they will release the information to the public.
What does a sextortion email look like?
They normally open with your own password to get your attention. They then go on to explain that they have used this to gain access to information about you, including all of your contacts. They will claim that they have turned your computer into an RDP (remote desktop) and through that, they have been able to film you accessing adult material on the Internet. They will then demand a sum of money is deposited into a specific bitcoin account. The email usually ends with a short time limit, claiming that if they do not receive the money in this time they will release the videos. By giving you a short time to meet their demands, often only 24 hours, they hope to make you panic and not have time to seek further advice on what to do.
What if the email contains a password I recognise?
Don’t worry, you should check if your email address is listed on haveibeenpwned.com it may have got there from a number of sources, this includes a potential virus on your computer and for example an Adobe hack that happened a few months back.
What should I do if I receive one of these emails?
The key thing to do when receiving one of these emails is not to reply and certainly not to pay them any money. The threats contained in the email are completely empty and they will not actually have the information they claim to. It would still be much easier and less time consuming for them to just pretend they had, rather than go to the trouble of attaining it. Even if they did have something they could use against you, their claims that they would delete it once you have paid could not be trusted. There would be nothing to stop them asking for money again and again.
You will need to take action to protect yourself so that your passwords cannot be easily hacked and to make sure your information is secure. You should change your password immediately if you receive one of these emails and even if you do not, you should update your passwords regularly. Your passwords should be strong, using a combination of upper and lowercase letters, numbers and symbols. You should install good anti-virus software on your computer and make sure it is kept up to date. Your webcam should be covered when not in use.