Contact us today!
(808) 529-4605

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists found on the dark web from online businesses and services that have been hacked and stolen over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us. 

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:


You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they say/threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lense covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at (808) 529-4605.

Request a Consultation

Request a
Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for you!

Contact Us!

Free Consultation

Tag Cloud

Tip of the Week Security Technology Privacy Best Practices Cloud Business Computing Hackers Google Malware Backup Software Windows 10 Microsoft Internet Innovation Network Security Hosted Solutions Smartphones Mobile Devices Data Email Browser Productivity Efficiency Hardware VoIP Ransomware User Tips Business Disaster Recovery Cybercrime Business Continuity Computer Miscellaneous Android Tech Term Windows Business Management Smartphone Office Alert IT Services Upgrade Telephone Systems Network Outsourced IT Data Backup communications Computers Managed IT Services Cloud Computing Automation Small Business Collaboration Quick Tips Productivity Chrome Virtualization Money Law Enforcement Save Money Social Media Managed IT Services Facebook Artificial Intelligence How To Social Engineering Password Server Workplace Tips Data Recovery Health Router Cybersecurity Office Tips Internet of Things Passwords App Work/Life Balance Bandwidth Wi-Fi Bring Your Own Device Gadgets Gmail Spam Operating System Two-factor Authentication Mobile Device Management Office 365 Communication History Remote Computing Data Management Networking Flexibility VPN Applications Safety Application Google Drive Microsoft Office Recovery IT Support Data Protection Apps Word Connectivity Data Security BDR Entertainment Marketing Private Cloud Data Breach HaaS Windows 10 Managed Service Provider Vulnerability Hacking Holiday Phishing Patch Management Physical Security Redundancy USB Data storage Information End of Support Budget CES PDF Scam Meetings Identity Theft BYOD Mobility Data Storage YouTube Infrastructure Paperless Office Avoiding Downtime Content Management eWaste Comparison Spam Blocking Big Data Settings Legal IT Management The Internet of Things Keyboard Black Market Electronic Medical Records Internet Exlporer Battery Blockchain Charger Best Practice Mobile Device IT Plan Website DDoS Windows 7 Remote Monitoring Managed IT Employer-Employee Relationship User Error Mouse Government Business Intelligence Retail Unsupported Software Robot Public Cloud Encryption Downtime IT Support Update Hiring/Firing Sports OneNote Wearable Technology Cleaning Criminal Servers Hybrid Cloud Solid State Drive Start Menu Network Congestion Mobile Office Remote Work Nanotechnology Scalability Software Tips Multi-Factor Security Rootkit Chromecast IBM Notifications Practices Cast Computer Care Employer Employee Relationship Netflix Workers Social Document Management Risk Management Assessment Programming Staff Biometrics Safe Mode Travel Two Factor Authentication webinar Tech Support Online Shopping Addiction Apple Excel Workforce Customer Relationship Management HVAC Audit Tools IT Consultant Smart Tech Instant Messaging Trending Training Sync Troubleshooting Supercomputer Hosted Computing Monitor Managed Service Computer Accessories Internet exploMicrosoft Users Telecommuting Politics Television Virtual Assistant Root Cause Analysis Conferencing Running Cable Shadow IT Evernote Cache iPhone Tip of the week Streaming Media Saving Money Customer Service Enterprise Content Management Information Technology Computer Fan Transportation Samsung Credit Cards Relocation Vendor Management Inventory Reputation Shortcut Google Docs Bluetooth Password Manager Social Networking Machine Learning Advertising Virtual Reality Windows Server 2008 Public Computer Lithium-ion battery Digital Signature Telephone System Techology Emails Wireless Charging Wireless Internet Going Green Fax Server Password Management FENG Value Benefits Leadership Environment Fraud Devices Humor MSP IT solutions HBO Specifications Content Windows 10s Telephony Books Current Events Access Control Customers NarrowBand Business Mangement Worker Commute Experience Accountants Data loss Save Time Cortana Wire Files Education Audiobook SaaS HIPAA Laptop Mobile Computing NIST Wireless Firewall Uninterrupted Power Supply Amazon Thought Leadership File Sharing Search Outlook Skype Emergency Knowledge People Authentication Video Games Voice over Internet Protocol Worker Distributed Denial of Service Wireless Technology Recycling Flash Music Automobile Maintenance Screen Mirroring Google Apps Smart Office Computing Infrastructure Human Resources Touchpad Cryptocurrency Botnet Smart Technology Amazon Web Services How to Frequently Asked Questions Millennials Congratulations CrashOverride WiFi Company Culture Compliance Webinar Thank You Managing Stress Regulation IT solutions Twitter Augmented Reality