Sextortion scams have become increasingly common in recent years, with record numbers being reported in 2018. These types of attacks are potentially very lucrative for an attacker, due to the highly embarrassing or compromising nature of the material. In many cases, the hacker holds no sensitive information on the individual in question; however, simply the small possibility that the hacker does indeed have anything compromising is enough for many individuals to pay the demanded sum.
The most common types of sextortion scams included hackers spoofing threatening emails from law enforcement agencies claiming that they have caught an individual visiting an illegal website or emails from hackings claiming to have installed malware on computers and have recorded the victim through their webcam.
BleepingComputer, a computer help website, has recently reported a new law-agency-spoofing scam. The hacker has designed the emails to appear as if the CIA has sent them. The emails claim that the recipient is being investigated as part of a major operation into the distribution and storage of pornographic material involving underage children.
The recipient is informed that their email address has been verified concerning accessing the above content. The email claims the user’s personal information, address, work address, and a list of relatives and family members are detailed in an attached PDF file. The user’s email address is also included in the body text of the email. The user is informed that the CIA plans to make arrests starting April 19, 2019.
The PDF is password protected, and the user is required to use the password supplied in the email to open the file. In the PDF, the hacker demands payment of $5,000 in Bitcoin in return for deleting the user’s details from the CIA database.
This scam should be identified as evidently fake; the CIA is unlikely to email anyone involved in such a high-profile investigation warning them of potential arrests.
Netsec News has reported on a webcam extortion scam campaign. The cybersecurity news website received one of these sextortion emails, in which a hacker claims to have installed malware that has recorded the user visiting pornographic websites.
The hacker claims the malware gave the hacker access to the webcam and user’s browsing history. Furthermore, the hacker claims to have recorded footage of the user while visiting adult sites. The hacker threatens to send the video, which has been spliced with the content that was being viewed at the time, to the user’s friends, family members, and associates.
The scammer demands payment of $2,000 in Bitcoin to remove the malware and delete the video file. The Bitcoin address has yet to receive any payments at the time of posting.
The user should delete the emails if they appear in an email inbox.