Sextortion Scam — How to Evade and Protect Yourself From It
THREAT REMOVAL

Sextortion Scam — How to Evade and Protect Yourself From It

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Sextortion Scam and other threats.
Threats such as Sextortion Scam may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

This article has been created in order to help you by explaining to you how to remove the Sextortion Scam which can be encountered via email messages.

The Sextortion scam is a new malicious tactic that is used against computer users worldwide. It is used to blackmail users by containing sensitive information about them (usually stolen).

Threat Summary

NameSextortion Scam
Type Scam / Malware
Short DescriptionThis scam uses harvested or stolen information about the users and blackmails them to pay money to the operators.
SymptomsReceived blackmail messages.
Distribution MethodVia e-mail messages that imitate legitimate email notification messages .
Detection Tool See If Your System Has Been Affected by Sextortion Scam

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Sextortion Scam.

Sextortion Scam – Overview

The Sextortion scam is a new hacker tactic that attempts to blackmail computer users worldwide. The main tactic relies on the use of email messages. They are orchestrated to send out the messages in groups. There are two possible case scenarios:

  • Phishing Messages — The email messages can be sent from addresses that appear to be legitimate security companies. They may insert details that can correlate with the user’s identity or insert elements that are taken from well-known services, software or sites.
  • Anonymous Messages — The email messages can be sent from anonymous domains, hacked accounts or other similar methods. The operators can send out many messages at once to raise attention to them.

Another method used by the criminals is the use of scripts and redirect code. They are generally distributed on various sites using redirects, banners, pop-ups or in-line hyperlinks. Clicking on malicious forms and filling in email details can lead to the email generation.

The other distribution tactic relies on the creation of malicious sites. The controllers can create their own portal sites that can utilize various scam tactics that harvest personal information about the users.
Upon being targeted by Sextortion scam the users will receive an email message that blackmails them for a payment. Here is a sample message:

I’m going to cut to the chase. I’m aware is your pass word. More importantly, I
know about your secret and I’ve proof of this. You don’t know me and nobody paid me to examine you.

It is just your bad luck I came across your bad deeds. Let me tell you, I placed a malware on the
adult videos (sex sites) and you visited this website to have fun (you know what I mean). While you
were watching video clips, your web browser began working as a Rdp (Remote control desktop) with
a key logger which provides me access to your display as well as web cam. Right after that, my
software program obtained all your contacts from messenger, social networks, as well as email.

After that I put in more hours than I should’ve digging into your life and created a double-screen
video. 1st part displays the video you had been viewing and 2nd part shows the capture from your
web cam (its you doing dirty things).

Honestly, I am willing to forget everything about you and let you get on with your regular life. And I
am about to offer you 2 options that will achieve that. Two two choices are to either ignore this letter, or simply pay me $3200. Let’s understand these 2 options in more details.

First Option is to ignore this email message. You should know what is going to happen if you select
this option. I will certainly send your video recording to all your contacts including close relatives,
colleagues, and many others. It doesn’t shield you from the humiliation you an your family
must face when friends and family learn your sordid details from me.

Second Option is to pay me $3200. We will it my “privacy fee”. Now let me tell you what
happens if you pick this choice. Your secret will remain your secret. I will erase the video immediately.
You move on with your routine life that none of this ever occurred.

At this point you must be thinking “I will call the cops”. Without a doubt, I’ve overed my steps to
ensure that this email cannot be tracked back to me and it will not stay away from the evidence
from destroying your daily life. AI am not seeking to steal your savings. I just want to get compensated
for the time I placed into investigating you. Let’s hope you have chosen make all of this go away
and pay me the confidentiality fee. You’ll make the payment by Bitcoins (if you do not know how,
search “how to buy bitcoins” in google)

Amount to be sent: $3200
Bitcoin Address to Send to: 1F8dxmQMskgBowr6AW33P3bitLfvopLTmYf
(it’s CASE sensitive, so copy and paste it carefully)

The fact that the messages may contain account credentials shows that the Sextortion scam be part of a malware infection sequence. The criminals have probably used a Trojan horse or another type of virus to harvest the computers.

The malware infections can be programmed into harvesting strings that can be grouped into several categories:

  • User Private Data — The collected information can reveal private information about the victims. Example content includes their name, address, location, interests, passwords and etc.
  • System Information — The hackers can extract information about the infected hosts that can be used to optimize the attack campaigns. The hackers use generated reports giving details about the installed hardware components, certain operating system values and etc.
  • Current Status — The criminal operators can instruct the deployed code to automatically monitor for the user’s behavior when using their email clients and/or web email services.

In such cases it may be possible that the criminals behind the Sextortion scam can utilize a Trojan module. It will connect to a hacker-controlled server from which it will be able to receive commands. They include the following:

  • Surveillance — The Sextortion scam Trojan can spy on the victims in real time.
  • Machine Control — The remote attackers can take advantage of the fact that they can install various scripts that can manipulate the systems or altogether take over control of them.
  • Additional Infection — The threat can be used to deploy additional malware to the infected hosts.

Sextortion Scam – October 2018 Update

A recent security report reads that the latest examples of the sextortion scams use a different approach. They make more use of preliminary information gathering by looking out for a more complete data. It is not known what channels or methods they use however it is speculated that this is done using automated tools and frameworks that dig deep into social networks and online behavior. A key difference is that the receiving users this time are employees of state, local, tribal and territorial agencies. This is an important change as the criminals appear to target them via the blackmail tactics of facing repercussions.

Some of the displayed information that is now shown to the users includes their name, email address, timeframes of computer interaction. In some cases the hackers can also quote leaked/exposed passwords.

The new approach shows that the messages are created using the personalized contents — when the appropriate layout and information is presented to the targets there is much higher percentage of success. Some of the harvested information that is taken to leaked databases and mass hacks that have resulted in the credentials leak. We also anticipate that in some cases the criminals can buy the databases from the underground hacker markets.

Sextortion Scam Example — Hacked Files

An example email message taken from a recent attack is the following:

Hello!

I’m a member of an international hacker group.

As you could probably have guessed, your account XXXXXXXXXXXXXX was hacked, I sent message you from it.

Now I have access to your accounts!
For example, your password for XXXXXXXXX is XXXXXXXXXXXXxx.

Within a period from XXXXX XXXXXX to XXX XXXXX you were infected by the virus we’ve created, through an adult website you’ve visited.
So far, we have access to your message, social media accounts, and messengers.
Moreover, we’ve gotten full dumps of these data.

We are aware of your little and big secrets..yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know..

But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!
I think you are not interested show this video to your friends, relatives, and your intimate one..

Transfer $700 to our Bitcoin wallet: XXXXXXXXXXXXXXXXXXXXXX
If you don’t know about Bitcoin please input in Google “buy BTC”. It’s really easy.

I guarantee that after that, we’ll erase all your “data” 😀

A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount.

Your data will be erased once the money are transferred.
If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.

Sextortion Scam Example — Hijacked Phone Data

Another sample message reads has a slightly different text:

It seems that, XXXXXXXXXXXXXX is your phone number. You may not know me and you are probably wondering why you are getting this e-mail, right?

. . .

I backuped phone. All photo, video and contacts..

I created a double-screen video. 1st part shows the video you were watching (you’ve got a good taste haha . . .), and 2nd part shows the recordng of your web cam.

exactly what should you do?

Well, in my opinion, (AMOUNT FROM $100-$1000 THIS TIME) is a fair price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

Remove Sextortion Scam

The Sextortion scam messages are a very dangerous example of a phishing scam that takes advantage of the victim’s gullibility.

Note! Your computer system may be affected by Sextortion Scam or other threats.
Scan Your PC with SpyHunter
SpyHunter is a powerful malware removal tool designed to help users with in-depth system security analysis, detection and removal of threats such as Sextortion Scam.
Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter’s malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter’s EULA, Privacy Policy and Threat Assessment Criteria.

To remove Sextortion Scam follow these steps:

1. Uninstall malicious programs from Windows
2. Clean your Browser and Registry from Sextortion Scam

Use SpyHunter to scan for malware and unwanted programs

3. Scan for malware and unwanted programs with SpyHunter Anti-Malware Tool

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...