Servertastic

UK £ US $ Euro

  • Home
    • About Servertastic
    • Servertastic Blog
  • Cyber Security
    • SiteLock Website Security
    • Vulnerability Scanning
  • SSL/TLS Certificates
    • SSL Certificate Comparison Chart
    • Sectigo Certificates
      • PositiveSSL DV
      • PositiveSSL DV Multi-Domain
      • PositiveSSL DV Wildcard
      • PositiveSSL EV
      • PositiveSSL EV Multi-Domain
      • Sectigo DV SSL
      • Sectigo SSL DV Multi-Domain
      • Sectigo DV SSL Wildcard
      • Sectigo OV SSL
      • Sectigo SSL OV Multi-Domain
      • Sectigo OV SSL Wildcard
      • Sectigo EV SSL
      • Sectigo SSL EV Multi-Domain
    • RapidSSL DV
      • RapidSSL Wildcard DV
    • Geotrust Certificates
      • QuickSSL Premium DV
      • True BusinessID EV
      • True BusinessID OV
    • DigiCert Products
      • Secure Site OV
      • Secure Site EV
      • Secure Site Pro OV
      • Secure Site Pro EV
      • Secure Site Wildcard OV
      • Norton Seal
    • Microsoft Exchange certificate
    • EV Certificates
    • Wildcard Certificates
    • DV Certificates
    • Validated Certificates
    • Multi Domain Certificates
      • True BusinessID OV Multi Domain
      • Sectigo SSL EV Multi-Domain
      • Sectigo SSL OV Multi-Domain
      • Sectigo SSL DV Multi-Domain
      • PositiveSSL EV Multi-Domain
      • PositiveSSL DV Multi-Domain
      • QuickSSL Premium DV
      • True BusinessID OV
      • True BusinessID EV
  • SmarterTools
    • SmarterMail
      • SmarterMail Upgrades
      • SmarterMail Maintenance and Support
      • SmarterMail Message Sniffer
      • SmarterMail ActiveSync
      • SmarterMail Exchange Web Services
    • SmarterStats
      • SmarterStats Upgrades
      • SmarterStats Maintenance and Support
    • SmarterTrack
      • SmarterTrack Upgrades
      • SmarterTrack Maintenance and Support
      • SmarterTrack Communicator
  • Account Login
  • Help
    • Read the Docs
    • FAQS
  • Contact
  • LOG OUT

Introduction to Sextortion Emails

21st March 2019

Man viewing sextortion email

You look through your new emails and spot something with a severe warning in the subject. The content makes some worrying claims. They hacked into your webcam and filmed you watching porn. They also have your email contacts, and are threatening to send the footage to each one of them. Just to make the message even more convincing, they seem to know one of your passwords. Of course, you can spare yourself the humiliation by making a small payment in bitcoins.

And you only have twenty four hours to comply, or else.

This is the usual premise behind Sextortion emails, a scam which blackmails its victims into paying up to save face.

A typical threat may read something similar to this;

"I'm aware, XXXXXX is your password. You don't know me and you're probably thinking why you are getting this mail, right? 

Well, I actually placed a malware on the adult video clips (porno) web site and guess what, you visited this website to experience fun (you know what I mean). While you were watching video clips, your internet browser started out working as a RDP (Remote Desktop) with a key logger which gave me access to your display screen as well as web camera. Just after that, my software program gathered every one of your contacts from your Messenger, Facebook, and email. 

What did I do?

I made a double-screen video. First part shows the video you were watching (you have a nice taste omg), and 2nd part displays the recording of your webcam. 

Exactly what should you do? 

Well, I believe, $2900 is a fair price tag for our little secret. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google). 

BTC Address: 1HpXtDRumKRhaFTXXXXXXXXXX 

(It is cAsE sensitive, so copy and paste it)

Important: 

You now have one day to make the payment. (I have a special pixel within this email message, and now I know that you have read this e mail). If I do not receive the BitCoins, I will definately send out your video recording to all of your contacts including close relatives, co-workers, and many others. Nevertheless, if I receive the payment, I'll destroy the video immidiately. If you need evidence, reply with "Yes!" and I will send your video to your 10 friends. It is a non-negotiable offer, therefore do not waste my time and yours by responding to this message."

So am I in Danger?

The good news is that these emails are bluffing. They likely haven’t been watching you. The passwords, or any other information they have on you, was likely acquired from a data breach from another website.

Sextortion is a good example of how cyber criminals will create a sense of urgency to bypass the victims critical thinking. The thought that a malicious party has damning footage of you may scare you into acting quickly to save yourself.

When you’re scared, you don’t think straight, and are more susceptible to believing the scammer. The sprinkling of your password, or other data, adds a hint of legitimacy to their threats and could lead you to believing they actually know something.

The success of these scams relies on balancing the danger with the likelihood. The warning needs to be dire enough to inspire you to take action, but believable enough for you to not dismiss it immediately.

Other Sextortion style scams have attempted to push the boat out further, with more outlandish claims proving less successful. One such version even threatened the victim with a hired assassin, which proved too difficult to take seriously. On the other hand, since plenty of people watch porn, those threats will elicit more responses.

Understanding this is the key to see through a range of online scams, including phishing or tech support scams.

How do I Handle Sextortion Emails?

When handling Sextortion emails, don’t take any threats at face value. Like all suspicious emails, don’t click on any links or attachments that may have been included. These can be vectors for malware. You can simply delete the email.

If you spotted any of your passwords in the message, it’s worth taking precautions. Have I been Pwned can tell you if your email address has been compromised in any data breaches. The password section can inform you if the password was leaked. You should consider changing the password in either case.

If you have a habit of reusing passwords, then this needs remedying, since information leaked in breaches could be used to break into other accounts. Using a password manager can help you select better passwords and make each one different without needing you to remember all of them.

Fully featured email servers give you the option of creating filters to block potentially harmful messages. Since Sextortion messages often use similar language it’s easy to create a filter that will block the majority of them. This saves you the hassle of dealing with more scams.

Whatever you do, don't give these crooks a single penny.

Filed Under: Cyber Crime Tagged With: cyber crime, cyber security, email, sextortion

  • Blog Home
  • Cyber Security Services
  • Contact Us

Recent Posts

  • Test and Trace privacy – your new obligations
  • Data and cyber security risks with the new Track & Trace system
  • Staying safe from fraud – Covid19
  • Is your desk photo giving away important data?
  • Cyber security when working from home – stay safe online

Cyber Security Services

  • Cyber Security
  • Cyber Essentials Certification
  • Cyber Security Awareness Training

Sectigo Products

  • PositiveSSL DV
  • PositiveSSL with EV
  • PositiveSSL DV Wildcard
  • Sectigo DV SSL
  • Sectigo DV SSL Wildcard
  • Sectigo OV SSL
  • Sectigo OV SSL Wildcard
  • Sectigo EV SSL
  • Sectigo SSL DV Multi-Domain
  • PositiveSSL DV Multi-Domain
  • Sectigo SSL OV Multi-Domain
  • PositiveSSL EV Multi-Domain

DigiCert Products

  • DigiCert Features
  • Secure Site OV
  • Secure Site EV
  • Secure Site Pro OV
  • Secure Site Pro EV
  • Secure Site OV Wildcard
  • Secure Site Pro Wildcard OV
  • Norton Seal

Geotrust Products

  • QuickSSL Premium DV
  • QuickSSL Premium Multi Domain
  • QuickSSL Premium Wildcard DV
  • True BusinessID OV
  • True BusinessID OV Multi Domain
  • True BusinessID EV
  • True BusinessID EV Multi Domain
  • True BusinessID OV Wildcard

RapidSSL Products

  • RapidSSL DV
  • RapidSSL Wildcard DV

SmarterTools Products

  • SmarterMail
  • SmarterStats
  • SmarterTrack

Support

  • Knowledge Base Home
  • Current System Status

Resellers

  • Reseller Program
  • Reseller Login
  • Reseller Sign-Up
  • Reseller Terms and Conditions

Social Media

  • Twitter
  • Facebook
  • Medium
  • LinkedIn

Legal

  • Terms and Conditions
  • Refund Policy
  • Privacy Policy
  • Reseller Terms and Conditions
  • VAT On Purchases

Servertastic Limited is registered in England and Wales.
Registered Company Number: 04982077
VAT Number: GB125485804

Hosted by LayerShift

 Mastercard Maestro Visa American Express
Diners Club JCB Discover Paypal
Sectigo Trust Seal
Reviews
Cyber Essentials