It’s been almost a year since I first posted about “sextortion” emails that attempt to convince you that someone has hacked your computer and recorded you watching pornography. The campus continues to get all kinds of variations on this scam, with changes in subject, wording, tone, threats, and payment amount. Some appear to come from your own account. Some are crudely worded and attempt to shame or frighten you, while others coyly dance around the description of the content of videos, but the one thing they have in common is that they are all fake! I wanted to write an updated post about these emails since we are still receiving them.
For those who haven’t received one of these emails, the scam suggests that the recipient has watched pornographic material online. The scammers sometimes up the validity level by including a password, usually an old one, that the target (you) has used in the past, gathered from online password dumps. They also claim to have installed malware on “the adult site” (which is never named) that grabs all of the user’s contacts and gives them control of the user’s webcam. Most of the emails attempt to convince the recipient that the scammer is not only skilled, but ultimately untouchable and untraceable, and has complete control of the system or account. Ultimately, the scammers threaten to send a video to the user’s contact list showing not only what the user watched on the site, but what they were doing while watching it, unless the user pays them some amount of money (anywhere from $200 to $2000 has been requested) in the form of Bitcoin or other digital currency. Some try to scare the user into not sharing the email with anyone, as they claim that they will release the video immediately if this happens, to discourage them from asking their IT department for help or clarification.
The likelihood of the scam working depends heavily on two things – first, whether or not the recipient has a web cam and two, whether or not the recipient watches pornography online. If the answer is “no” to either qualification, the email is easily dismissed. Unfortunately, with the number of laptops and even desktops that have web cams either built in or attached and the surprising number of people who indulge in viewing pornography online, this crazy-sounding blackmail scheme works, to the tune of millions of dollars. Most of these emails ask for less than $500 in digital currency. Some versions of this scam will include links to a “sample” of the (non-existent) video. Do not follow the links! The downloaded file will infect the computer with malware that will steal credentials and data.
Please continue to report these as phishing emails or simply delete them.