July 12, 2018

Here’s a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient’s email address.

The basic elements of this sextortion scam email have been around for some time, and usually the only thing that changes with this particular message is the Bitcoin address that frightened targets can use to pay the amount demanded. But this one begins with an unusual opening salvo:

“I’m aware that <substitute password formerly used by recipient here> is your password,” reads the salutation.

The rest is formulaic:

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72
(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.

KrebsOnSecurity heard from three different readers who received a similar email in the past 72 hours. In every case, the recipients said the password referenced in the email’s opening sentence was in fact a password they had previously used at an account online that was tied to their email address.

However, all three recipients said the password was close to ten years old, and that none of the passwords cited in the sextortion email they received had been used anytime on their current computers.

It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site.

I suspect that as this scam gets refined even more, perpetrators will begin using more recent and relevant passwords — and perhaps other personal data that can be found online — to convince people that the hacking threat is real. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.

Alternatively, an industrious scammer could simply execute this scheme using a customer database from a freshly hacked Web site, emailing all users of that hacked site with a similar message and a current, working password. Tech support scammers may begin latching onto this method as well.
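Because every copy of this message keeps the same skeleton and varies mainly the password, the amount and the Bitcoin address, a mail filter can triage on those fixed elements. The sketch below is an added example, not code from KrebsOnSecurity or any mail product: the function names, marker list and scoring threshold are assumptions, and the sample messages and address are constructed.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy (Base58Check) Bitcoin address shape: starts with 1 or 3.
ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

# Fixed elements of the template, worded after the samples quoted on this page.
MARKERS = {
    "password_claim": re.compile(r"\bis your (secret )?password\b", re.I),
    "webcam_claim": re.compile(r"\bweb ?cam(era)?\b", re.I),
    "money_demand": re.compile(r"\$\s?\d[\d,]*"),
    "deadline": re.compile(r"\b(24 hours|one day)\b", re.I),
    "pixel_claim": re.compile(r"\bpixel\b", re.I),
}

def _dsha(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def b58check_encode(payload):
    """Used only to build the constructed sample address below."""
    raw = payload + _dsha(payload)[:4]
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_ok(addr):
    """True if addr decodes to version + 20-byte hash + valid 4-byte checksum."""
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    raw = b"\0" * (len(addr) - len(addr.lstrip("1"))) + body
    return len(raw) == 25 and _dsha(raw[:21])[:4] == raw[21:]

def triage(text):
    """Return (matched marker names, checksum-valid addresses, verdict)."""
    hits = sorted(name for name, rx in MARKERS.items() if rx.search(text))
    # The checksum drops random look-alike strings and mistyped addresses.
    addrs = [a for a in ADDR_RE.findall(text) if b58check_ok(a)]
    # Assumed threshold: a payable address plus any three template markers.
    return hits, addrs, bool(addrs) and len(hits) >= 3

# Constructed sample data: the address is derived from a made-up 20-byte hash.
SAMPLE_ADDR = b58check_encode(b"\x00" + bytes(range(1, 21)))
SCAM = (
    "hunter2 is your password. While you were watching, I recorded your "
    "webcam. Pay $1400 within 24 hours. BTC Address: " + SAMPLE_ADDR
)
_last = "2" if SAMPLE_ADDR[-1] != "2" else "3"
MANGLED = SCAM.replace(SAMPLE_ADDR, SAMPLE_ADDR[:-1] + _last)
BENIGN = "Your password was reset. If this wasn't you, contact support within 24 hours."

if __name__ == "__main__":
    for label, msg in (("scam", SCAM), ("mangled", MANGLED), ("benign", BENIGN)):
        print(label, triage(msg))
```

A message flagged this way is a candidate for quarantine and for logging the extracted address, which is the one field that distinguishes otherwise identical copies.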

Sextortion — even semi-automated scams like this one with no actual physical leverage to backstop the extortion demand — is a serious crime that can lead to devastating consequences for victims. Sextortion occurs when someone threatens to distribute your private and sensitive material if you don’t provide them with images of a sexual nature, sexual favors, or money.

According to the FBI, here are some things you can do to avoid becoming a victim:

- Never send compromising images of yourself to anyone, no matter who they are — or who they say they are.
- Don’t open attachments from people you don’t know, and in general be wary of opening attachments even from those you do know.
- Turn off [and/or cover] any web cameras when you are not using them.

The FBI says in many sextortion cases, the perpetrator is an adult pretending to be a teenager, and you are just one of the many victims being targeted by the same person. If you believe you’re a victim of sextortion, or know someone else who is, the FBI wants to hear from you: Contact your local FBI office (or toll-free at 1-800-CALL-FBI).


1,076 thoughts on “Sextortion Scam Uses Recipient’s Hacked Passwords”

  1. Joe

    I got the same email, early July, from “Dewitt Souza”. Ruined my day…

    BTC Address: 1JHwenDp9A98XdjfYkHKyiE3R99Q72K9X4

  2. B

    I got the same exact email today 7/24, demanding $8,000. From some guy named Devin.

    Not sure if I have any accounts that still use that password as it is an older one.

  3. Joe

    BTW – I reported this to our local sheriff’s office. They were sympathetic, but not impressed and said I could file a report but nothing would happen. I didn’t progress to the FBI but maybe I should have.

  4. Patrick Armstrong

    Same, but BTC address was 1Ej6qC5zuNAz4xhBjowxDWD9XRjzSpadVm . Demanded $4000 Canadian. Old password. I ignored the email, deadline passed, nothing happened.

    1. John Bambenek

      Patrick-

      Do you still have that email? I’d like a copy.

  5. Johnson

    I doubt anyone would have any interest in watching me milk the bull, so to speak. Even if this were real, I would not pay the ransom. Everyone with genitals and at least one functional hand does it to themselves… so nothing to be embarrassed about… unless you make some really weird faces. That said, you should always cover your webcam when it’s not in use.

    1. Tim

      Hey, did ya know that they have electronics to almost solve the missing limb problem?

  6. BlockCam

    Just wear a Bill Clinton mask while visiting these sites. Problem solved.
    You’re welcome.

  7. Tatjana

    I have got this email today from:
    Honoria Holyoke this address : usbrandyka@outlook.com
    asking from me 7000$

    BTC Address: 1DEhikcNDgvvThym7ArbPZNXzsLpHirCuv

  8. Billy Tackett

    Got my first one last week. No password asking for $1900. Few days later I got one with an old password asking for $7000. I’ve gotten two or three more since then.

  9. Lee

    As poorly written as the email was, it did initially cause some panic – again over the password which I’m sure I still use somewhere. The red flag for me was to not respond to the email and just send $8000 in bitcoin. And also the 9 contacts I have was oddly specific. Part of me wants to engage the scammer, but it’s probably not worth it.

    [PASSWORD] is your password. I will cut to the chase. You do not know anything about me however I “now” know you very well and you must be wondering why you are receiving this e-mail, correct?

    The truth is, I actually installed malware on porn vids (porn material) and do you know what, you accessed same adult website to have pleasure (you get my drift). And when you got busy enjoying our videos, your system began working as a RDP (Remote Desktop Protocol) having a key logger which gave me accessibility to your display and your camera controls. Right after that, the malware obtained your complete contacts from your social networks, and mailbox.

    What have I done?
    It’s just your misfortune that I discovered your bad deeds. After that I gave in more time than I probably should’ve investigating into your life and generated a double screen video. 1st half displays the video you were viewing and 2nd half shows the capture from your web cam (its someone doing naughty things)

    Exactly what can you do?
    Frankly, I want to remove everything about you and let you get on with your life. And I will provide you a way out that can make it happen. The two choices are to either turn a deaf ear to this e mail (not recommended), or pay me $ 8000 to end this mattter forever. Let’s examine above 2 options in details.

    First Option is to disregard this email. Let us see what is going to happen if you choose this option. I will definately send out your video to all your contacts including relatives, colleagues, and so forth. It does not save you from the humiliation your household will face when friends and family learn your dirty sextape from me in their inbox.
    Wise option is to make the payment of $ 8000. We’ll call this my “confidentiality tip”. let me tell you what will happen if you opt this option. Your naughty secret remains your secret. I will keep my mouth silent. Once you make the payment, You go on with your routine life and family like none of this ever happened.

    You’ll make the payment by Bitcoin (if you don’t know how just search “how to purchase bitcoin” in search engine)
    My BTC Address: 19QaQ2f2nfaojkBKWoLp6zZWhChikUcfKx
    (It is CASE sensitive, so copy and paste it)

    Important: You now have one day to make the payment. (I’ve a specific pixel in this e-mail, and right now I know that you have read this e-mail). You must not tell nobody what you would be transferring the Bitcoins for or they might not provide it to you. The task to acquire bitcoins can take a couple of days so do not wait.
    If I don’t receive the BitCoins, I will send your video to all of your contacts including friends and family, coworkers, and so on. nonetheless, if I receive the payment, I will erase the sextape immediately. If you need proof, reply with “yes!” and I will certainly send your sextape to your 9 contacts. It is a non-negotiable one time offer, so don’t ruin my time and yours by responding to this email.

  10. Steve

    I received one earlier today. It is pretty clever and I hope it’s really a scam for my sake. I redacted my password which has been breached multiple times but still use it for sites I don’t care about or ones I know I’ll visit once or twice and know I won’t be storing information on it that I don’t want to share with the rest of the world. Here is the bitcoin address referenced in the email I received. 1MmWSihBdqPeyCghwJ34mvgANgJZLg7GSu

    ———————————

    ***** is your secret password. Lets get straight to the point. You don’t know anything about me whereas I know you very well and you’re most likely thinking why you’re getting this email, correct?

    Do you wanna know how?, I installed malware on sex videos (porn material) & guess what, you accessed this adult website to experience fun (if you know what I mean). While you were watching video clips, your browser began functioning as a RDP (Remote Desktop Protocol) with a key logger which provided me access to your screen and also your web cam controls. Right after that, the software collected all of your contacts from your messenger, fb, as well as mailbox.

    Exactly what have I done?
    It’s just your hard luck that I discovered your blunder. After that I put in more time than I probably should’ve investigating into your data and created a split view video. First part displays the recording you had been viewing and second part displays the recording from your webcam (it is you doing nasty things)

    Exactly what can you do?
    In good faith, I’m ready to remove all information about you and allow you to continue with your regular life. And I am going to provide you two options that can make it happen. These two options are to either disregard this message (bad for you), or pay me $2900. Let us investigate these two options in more depth.

    Alternative one is to turn a deaf ear my mail. Let me tell you what is going to happen if you choose this option. I definitely will send out your video recording to all your contacts including close relatives, coworkers, and many others. It doesn’t shield you from the humiliation your self will have to feel when family and friends learn your sordid videotape.
    Wise Option is to pay me $2900. We will call it my “confidentiality charges”. Now Lets see what will happen if you choose this way out. Your little secret Will remain private. I will keep my mouth closed. After you make the payment, You continue on with your routine life and family that nothing ever happened.

    You will make the payment through Bitcoins (if you don’t know how all you need to do is search “how to purchase bitcoin” in search engine)
    My BTC Address: 1MmWSihBdqPeyCghwJ34mvgANgJZLg7GSu
    (It’s CASE sensitive, so copy and paste it carefully)

    Notice: You now have one day in order to make the payment. (I’ve a specific pixel in this e-mail, and right now I know that you’ve read through this email). Don’t tell anyone what you would be utilizing the bitcoin for or they possibly will not offer it to you. The process to have bitcoin can take a few days so do not delay.
    If I don’t receive the BitCoins, I will definately send your videotape to all of your contacts including close relatives, coworkers, and so forth. however, if I do get paid, I will erase the videotape immediately. If you really want evidence, reply with “yes!” and I will certainly send your video to your 10 contacts. It’s a non-negotiable one time offer, thus don’t ruin my time and yours by replying to this email.

  11. Billy Bryant

    Is it safe to respond to the email with a big ol “F YOU, I’m an FBI Agent”, or should I just ignore?

    1. John B

      There shouldn’t be any problem. Give em hell

    2. John B

      Well, on second thought, maybe best to not respond ….

  12. John Stephano

    I received an email from Google. It looked legit, so I opened it and it took me to a porn site. I closed out the site and deleted the email. The next day I received the blackmailing email, which was explained in the above article. They wanted $1900.00. I just deleted the email and blocked it. This week I received another email, but from a different email address. They said they would accept $1000.00. I just deleted this email also.

    1. Scott C

      I always wear a horse costume when looking at porn…so no worries

  13. Joe

    My copy came from:

    Karly Macrae
    Amount $7000
    BTC Address: 1DDBo8ZpXNBqbyTWZhk8sD5cYg3KUeWm4S

  14. M

    I got it too after my blog on WP got hacked. My credit card got hacked the same week, the day after I left FB and deactivated my account. The ransom amount has steadily increased along with the threats against contacting law enforcement. I ignore as I know it is an extortion scam easily created but one that I suspect can grow immensely due to the amount of personal data and behavior sharing online. For my family protection, I severely limit online personal behavior info. Times are too risky. I can imagine many victims. Not sure if contacting FBI is worthwhile but this one should be stopped.

  15. Mike

    The sad thing is that apparently most of the people posting are watching porn and masturbating – and are so commonly doing so that they have no concern about their sick behavior, they just don’t like being threatened over it.

    1. Ana

      Mike, I never went on a porn site in my life but I received one of these phishing scams too. People are upset about being threatened and blackmailed. It had me questioning if I inadvertently clicked on something that brought me to a porn site but I am certain I never did and I am real careful about clicking attachments, even from friends, because I can’t be certain that a friend’s system hasn’t been compromised. You should jump to conclusions.

    2. Wilma

      Sick behavior? What are you, a monk? On-line porn has probably prevented millions of sex-related crimes.

  16. Liam

    Thank you for your comments. I knew this was a scam, but as others said there still was that momentary thought, Could this be real? I am sorry for everyone who received this email scam, but I am also glad to know I am not the only one that received one today.

  17. Guy

    “Important: You now have one day to make the payment.”
    “The task to acquire bitcoins can take a couple of days so do not wait.”

    Hmmm.

    “(I’ve a specific pixel in this e-mail, and right now I know that you have read this e-mail).”

    You should in general set your email to not download remote content until you click a button. That would protect you from email tracking like this. It’s used by spammers, if not sextortioners.

  18. Buck Dopp

    I received the email and paid to have my computer checked. No malware was found. I’ve gotten about six of them now, every other day or so, each with a different sender address and name. I don’t watch porn but he did have a 10-year-old password I used to have. My concern was that someone could edit a split screen and make it look like it was me. Is there anything I can do to block future messages?

  19. Gonzalo

    Hey, Third World scum, you’d have to have a wide, wide angle lens to take in all of my talliwhacker when I’m playing the organ one handed.

  20. Mark Waks

    Just got one of these today — addressed to my late wife, who has been dead for 7+ years, so it wasn’t exactly convincing. I do find myself wondering which site got hacked, though — it’s the first time I’ve encountered that particular account/password combo for her…

    BTC address: 1DCiyrP5TnhWSHPiFNsztDxzqXWP7hbbtS

  21. Brian

    Dude… I hope they try this with me. I’ll have SO much fun. Lol. Gems like, “oh, you like watching other dudes cranking it?”. Jesus. The fruit is hanging so low on this one it’s unreal. I’ll DEF respond with the yes. That’s for sure. Lol. What a bunch of losers.

  22. Scotty Protocola

    Masking tape over the camera lens
    boys & girls…it is as simple as that!

  23. Peter

    Looks like I got off cheap, “Sharon Morrison” only wanted $350 for her silence.
    It was sent to my breached Dropbox email address and claimed my password was “123456”. I’m not foolish enough to use that password so it was pretty obviously fake.

  24. Nancy Black

    Shayna Barneson
    Jul 24, 2018, 1:31 PM

    Lets get straight to point. No-one has paid me to investigate you. You do not know me and you are most likely thinking why you’re getting this e mail?

    In fact, I installed a malware on the X video clips (pornographic material) website and do you know what, you visited this web site to have fun (you know what I mean). While you were watching videos, your web browser started out operating as a Remote Desktop with a keylogger which provided me access to your display and also web camera. Just after that, my software program collected your entire contacts from your Messenger, social networks, as well as e-mailaccount. After that I created a double-screen video. 1st part displays the video you were watching (you have a good taste hehe), and next part displays the view of your web camera, & it is u.

    You will have two possibilities. We should go through these types of options in details:

    First option is to skip this e mail. In this scenario, I will send your actual video recording to each of your your personal contacts and thus you can easily imagine about the awkwardness you will get. Not to mention should you be in an affair, how it can affect?

    Next choice would be to compensate me $7000. We are going to regard it as a donation. In this situation, I most certainly will without delay discard your video. You could go on your daily life like this never occurred and you surely will never hear back again from me.
    You’ll make the payment through Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google search engine).

    BTC Address: 19NYW6G9a1EaLZ63wUN7U9HUuDh1sMTDTz
    [CASE SENSITIVE copy & paste it]

    If you may be thinking about going to the authorities, look, this message can not be traced back to me. I have covered my moves. I am just not attempting to demand very much, I wish to be rewarded. You now have one day in order to make the payment. I’ve a unique pixel within this email, and now I know that you have read through this e mail. If I do not receive the BitCoins, I definitely will send out your video recording to all of your contacts including relatives, coworkers, and many others. Having said that, if I do get paid, I will destroy the recording immediately. It’s a nonnegotiable offer, and so do not waste my time and yours by replying to this email message. If you really want proof, reply Yea & I will send your video to your 15 contacts.

  25. IGotThis

    I got one of these. But I don’t take my computer into the bathroom when I MB – so…… ALL LIES

  26. D

    I do look at my screen sometimes with serious tentativeness and sometimes with a bit of tapping to music in my mind. Doesn’t mean I was looking at porn.

  27. Randy

    I got one last night. $6,500 request.

    Joke’s on him- I haven’t jerked the gherkin for over 3 years thanks to a bad prostate surgery incident.
