‘Sextortion’ scam emails uses real passwords to blackmail for ‘watching porn’

Criminals are targeting victims in an email scam which uses their real passwords to blackmail them for supposedly watching porn.

Company Naked Security has seen a surge in these so-called sextortion emails over the last few days.

Those targeted by the scam will receive an email from cybercriminals out of the blue claiming they have implanted malware on your computer.

In the emails it is claimed they have been able to keep tabs on your online activity, and have taken screenshots of you looking at a porn site, as well as video recorded from your webcam.

The criminals say they have put the screenshots and the webcam footage side-by-side to create an embarrassing email, that they will send to your friends and family.

They ask for you to pay them blackmail money, usually in bitcoins.

Detective Inspector Michael McCullagh, of cybercrime investigations, said: “These types of scams aren’t unusual, however, this particular suspect or group has used a similar method and wording in every email and in greater numbers than we normally see.

The emails show current or legacy passwords belonging to the victim, making the threat seem credible. This is a tactic used by criminals to alarm potential victims.”

  • Zoom chat app can leave Apple Macs vulnerable to devastating and dangerous hacks

But in reality, the video the scammers claim to possess does’t exist, no matter how convincing it seems.

According to Naked Security, the crooks usually get the password, which may be an old one you have used before, from information already circling the “cybercriminal underworld as a result of data breach”.

What should you do?

The first thing you should do is check the password the scammer has quoted isn’t current anywhere, according to Which? If it is, you should change it straight away.

It’s also important not to reply to the scam email.

Just to be on the safe side, you can run a full scan of your computer to make sure it is using up-to-date anti-malware.

  • Tinder Secret Admirer meaning: What push notification actually means

You should also report the incident to the police.

If you haven’t already paid the scammer, you can report it as a phishing attempt through the Action Fraud website.

If you have lost money, you need to report it as a crime.

  • Money

Source: Read Full Article