Contact us today!
845-876-6561

Professional Computer Associates Blog

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists found on the dark web from online businesses and services that have been hacked and stolen over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us. 

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they say/threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lense covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at 845-876-6561.

A.I. Is Starting to Move Businesses Forward
Tip of the Week: Cloud Software for File Sharing
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, August 21 2018

Captcha Image

QR-Code

Tag Cloud

Security Tip of the Week Best Practices Cloud Technology Privacy Network Security Hackers Business Computing Backup Malware Hosted Solutions Managed IT Services Google VoIP Disaster Recovery Email Microsoft Mobile Devices Software Productivity Business Continuity Business Internet Innovation Data Outsourced IT Data Backup communications Efficiency Cybercrime Hardware Smartphones Computer Ransomware Data Recovery IT Support IT Services Windows 10 Cloud Computing Android Tech Term Browser Internet of Things Office BDR Telephone Systems Computers Alert Server User Tips Network Windows Business Management Saving Money Miscellaneous Virtualization Cybersecurity Smartphone Mobile Device Management Upgrade Small Business BYOD Social Media Applications Managed IT Save Money Facebook Chrome Workplace Tips Law Enforcement Artificial Intelligence Microsoft Office Social Engineering Passwords Collaboration Quick Tips Money Bandwidth Communication Productivity Gadgets Hacking Mobility Router Automation App How To Avoiding Downtime Office Tips Work/Life Balance Recovery Managed Service Provider Password Holiday Firewall Office 365 Private Cloud Flexibility Managed IT Services Data Protection Data Management Remote Monitoring Wi-Fi HaaS Phishing Business Intelligence Bring Your Own Device Gmail Data Security Operating System Budget Health VPN Information Technology Redundancy Two-factor Authentication Proactive IT Document Management Data Breach Vulnerability Big Data Black Market Entertainment Encryption Analysis Spam Blockchain Apps Google Drive Mobile Device Identity Theft Safety Cleaning Connectivity Compliance Training Risk Management Windows 10 IT Management Value Word Marketing User Error IT Support SaaS Employer-Employee Relationship Best Practice Information IT Plan Content Filtering File Sharing Data storage Solid State Drive Shadow IT PDF Streaming Media CES Charger Government Access Control DDoS Infrastructure Save Time Unsupported Software Smart Tech Networking End of Support Data Storage Internet Exlporer Meetings Computing Infrastructure Servers Electronic Medical Records Wireless Website Content Management Wearable Technology Workers Instant Messaging YouTube Automobile Worker Physical Security Apple Legal Mobile Computing Machine Learning Comparison USB Hiring/Firing HIPAA Computer Care The Internet of Things eWaste Sports Paperless Office Spam Blocking Downtime Data loss Samsung Windows 7 Battery Settings Credit Cards Patch Management Public Cloud Remote Computing History Business Owner Keyboard Education Wireless Technology Update Scam OneNote Google Apps Bluetooth Customer IT Consultant Workforce Lithium-ion battery IoT Healthcare Laptop Skype SharePoint Supercomputer Cast Lifestyle Digital Signature Experience Loyalty Wireless Internet Colocation Fiber-Optic Thought Leadership Chromecast Botnet Google Docs Politics Augmented Reality Scalability Excel Amazon IaaS Transportation Enterprise Content Management WiFi Managed Service Leadership Telecommuting Electronic Health Records Touchpad Audit Start Menu Business Technology Outlook Current Events Strategy Music Wire Netflix Cables Users Content Filter Root Cause Analysis Travel Uninterrupted Power Supply Unified Threat Management People Tip of the week Amazon Web Services Authentication Benefits Password Management Distributed Denial of Service Password Manager Proactive Software Tips Remote Work Insurance Books IBM Fax Server Internet exploMicrosoft Computer Fan Mobile Virtual Assistant Humor Knowledge Assessment Smart Office hacker Flash Unified Communications Virtual Reality Storage Voice over Internet Protocol Mobile Office iPhone Search Windows Server 2008 Online Shopping Nanotechnology Smart Technology NIST Business Mangement Rootkit Remote Monitoring and Maintenance webinar Notifications Practices Emergency IT solutions Advertising FENG Professional Services Telephone System Monitor Network Congestion Data Warehousing Specifications Accountants Troubleshooting Television Sync Theft Worker Commute Employer Employee Relationship Multi-Factor Security Human Resources Emails How to Evernote NarrowBand Cryptocurrency Software as a Service Mouse Recycling Content Line of Business Environment Conferencing HBO Hosted Computing Tools Computer Accessories Reputation Techology Millennials Hosted Solution Public Computer Students Going Green Running Cable Windows 10s Telephony Cortana Addiction Safe Mode Robot Hard Drives Screen Mirroring Trending Staff Tech Support Cache Files Antivirus Regulations Wireless Charging Devices Two Factor Authentication Criminal Audiobook Vendor Management MSP Relocation Video Games Frequently Asked Questions Fraud Inventory HVAC Hybrid Cloud IT solutions CrashOverride Remote Worker Thank You Congratulations Wiring Company Culture Administration Twitter Managing Stress Regulation Webinar

Free Consultation

Free ConsultationSign up today for a
FREE Network Consultation
How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!