A new and rather sinister twist on the old fake blackmail sextortion scam is panicking some recipients into sending their money to criminals.
In a typical fake blackmail scam, the senders claim that they have installed malware on your computer and captured video of you while you visited a porn website. They then threaten to send the compromising video to all of your contacts if you do not send them a “keep quiet” payment via Bitcoin.
Of course, the scammers do not really have the compromising video or access to your contact list as they claim. Instead, they send the same email to many thousands of randomly chosen addresses in the hope of tricking at least a few people into sending the requested payment.
However, some recent versions of the scam emails may appear considerably more credible because they include one of the recipient’s real passwords as “proof” that their claims are true.
The scammers know that if you receive an email that actually includes one of your passwords – even an old one that you no longer use – you may be much more inclined to believe the claims and pay up. At first glance, the inclusion of the password suggests that the scammer really does have access to your computer and may really have created the video as claimed.
In fact, even if you have not visited any porn sites, the fact that the scammer has apparently accessed your computer or accounts and harvested your password is naturally quite concerning.
So, how are the criminals getting these passwords? The most likely explanation is that they are collecting the passwords and the associated email addresses from old data breaches. Many commentators have pointed out that the passwords in the emails are very old and no longer being used.
In a report about the tactic, computer security expert Brian Krebs notes:
It is likely that this improved sextortion attempt is at least semi-automated: My guess is that the perpetrator has created some kind of script that draws directly from the usernames and passwords from a given data breach at a popular Web site that happened more than a decade ago, and that every victim who had their password compromised as part of that breach is getting this same email at the address used to sign up at that hacked Web site.
So, as with the “normal” versions of the scam that do not include passwords, the emails are basically just a bluff to trick you into paying up. The inclusion of the passwords adds an extra layer of undeserved credibility that panics some recipients into complying with the scammer’s demands.
If you receive one of these emails, do not reply or respond. However, if the email includes a valid password that you currently use, you should change the password immediately. You can check if an account has been compromised in a data breach by entering the associated email address into Troy Hunt’s excellent “have i been pwned” service.
For a more technical analysis of this password sextortion scam, refer to the post on the KrebsOnSecurity website.
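The password the scammer quotes has usually been sitting in a public breach dump for years, so the practical question for a recipient is whether that password (and any account where it was reused) is known to be compromised. The block below is an added example and is not part of the Hoax-Slayer article: it shows how a password can be checked against a breach corpus without ever sending the password itself, using the k-anonymity range query that Troy Hunt’s Pwned Passwords API (https://api.pwnedpasswords.com/range/{prefix}) uses. Only the first five hex characters of the password’s SHA-1 hash leave the client; the service returns every known hash suffix sharing that prefix and the match is made locally. The article itself only mentions the email-address lookup, so the password API is this example’s own choice, and the network call is replaced by a constructed in-memory response so the code runs offline.

```python
"""Check a password against a breach corpus without disclosing it (k-anonymity).

Added example, not code from the Hoax-Slayer article. The range responses below
are CONSTRUCTED sample data in the same "SUFFIX:COUNT" format the live service
returns; the counts are made up.
"""
import hashlib
from typing import Callable, Dict

PREFIX_LEN = 5  # number of leading SHA-1 hex characters sent to the service


def sha1_hex(password: str) -> str:
    """Uppercase SHA-1 hex digest, the form the Pwned Passwords corpus is keyed on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def range_query_parts(password: str) -> tuple[str, str]:
    """Split the hash into the 5-char prefix that is sent and the 35-char suffix kept local."""
    digest = sha1_hex(password)
    return digest[:PREFIX_LEN], digest[PREFIX_LEN:]


def parse_range_response(body: str) -> Dict[str, int]:
    """Parse 'SUFFIX:COUNT' lines into a dict; blank lines are ignored."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Return how many times the password appears in the corpus (0 = not found).

    fetch_range(prefix) must return the text body for that 5-char prefix; in
    production it would perform an HTTPS GET to the /range/{prefix} endpoint.
    """
    prefix, suffix = range_query_parts(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


# --- constructed offline stand-in for the service -------------------------------
# SHA-1("password") = 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8, so the prefix is
# "5BAA6". The decoy suffixes and every count are invented for this example.
CONSTRUCTED_RANGES = {
    "5BAA6": (
        "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471\n"
        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:1\n"
    ),
}
UNRELATED_BODY = "0123456789ABCDEF0123456789ABCDEF012:7\n"


def constructed_range_lookup(prefix: str) -> str:
    """Stand-in for the network call: any prefix gets a plausible, non-empty response."""
    return CONSTRUCTED_RANGES.get(prefix, UNRELATED_BODY)


if __name__ == "__main__":
    for candidate in ("password", "correct horse battery staple 2021"):
        n = breach_count(candidate, constructed_range_lookup)
        status = f"seen {n} times in the (constructed) corpus" if n else "not found"
        print(f"{candidate!r}: {status}")
```

Because the server only ever sees a hash prefix shared by hundreds of unrelated passwords, it cannot tell which one was checked; the suffix comparison happens entirely on the client. A password that comes back with a non-zero count should be treated as burned everywhere it was used, not just on the account that was breached.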
Examples of the password sextortion scam emails:
I am aware [removed] is one of your password.

Lets get straight to the point. No one has compensated me to check about you. You do not know me and you are probably thinking why you’re getting this e-mail?

actually, I installed a software on the X video clips (pornography) site and you know what, you visited this website to have fun (you know what I mean). While you were watching videos, your web browser began functioning as a Remote control Desktop that has a keylogger which provided me accessibility to your display and also cam. Right after that, my software program collected every one of your contacts from your Messenger, social networks, and e-mail .After that I made a video. 1st part displays the video you were viewing (you’ve got a good taste omg), and second part shows the view of your webcam, yeah it is u.

You got two different choices. We are going to take a look at the possibilities in details:

First solution is to neglect this message. As a result, I will send your very own video to each one of your contacts and just think concerning the embarrassment you will definitely get. And as a consequence should you be in a romance, precisely how it will affect?

In the second place option will be to compensate me $1000. I will name it as a donation. In this situation, I most certainly will right away remove your videotape. You can continue your daily routine like this never took place and you will never hear back again from me.

You’ll make the payment via Bitcoin (if you don’t know this, search for “how to buy bitcoin” in Google search engine).

BTC Address: [Removed]
[case SENSITIVE so copy & paste it]

If you may be planning on going to the cops, well, this email can not be traced back to me. I have covered my moves. I am also not trying to ask you for a whole lot, I want to be compensated. You now have one day in order to make the payment. I’ve a special pixel within this e mail, and at this moment I know that you have read this email message. If I don’t receive the BitCoins, I definitely will send your video to all of your contacts including close relatives, coworkers, etc. Having said that, if I do get paid, I will erase the recording right away. This is a non-negotiable offer, therefore please don’t waste my time & yours by replying to this e mail. If you need proof, reply Yup! & I definitely will send your video recording to your 10 contacts.
I know, [removed] is your password now I won’t beat around the bush.
You don’t know anything about me but I know you very well and you must be wondering why you are getting this mail, right?

I placed malware on adult videos (porn material) & there’s more, you visited this sex web site to experience fun (you know what I mean). And while you were busy watching those videos, your browser started out operating as a RDP (Remote Control Desktop) with a keylogger which gave me access to your display as well as your camera recordings. After that, my software program gathered every one of your contacts from messenger, fb, as well as e-mail.
What have I done?
It is simply your hard luck that I discovered your bad deeds. I then put in more time than I probably should’ve investigating into your life and prepared a split screen sextape. 1st half shows the video you were viewing and next part displays the view of your web cam (it is you doing naughty things). As a family man, I’m ready to destroy everything about you and let you get on with your life. And I will present you a way out that can accomplish your freedom. Those two options are to either disregard this letter (not recommended), or pay me $7000 to end this chapter forever.
Exactly what should you do?
Let us explore these 2 options in depth. Option One is to ignore this email. Let me tell you what is going to happen if you select this option. I definitely will send your sextape to all your contacts including relatives, colleagues, and so on. It does not protect you from the humiliation your self will face when friends discover your sordid sextape. Wise option is to make the payment of $7000. We’ll call this my “keep the secret charges”. Lets see what will happen if you go with this option. Your naughty secret remains your secret. I will keep my mouth shut. After you make the payment, You can freely go on with your lifetime and family as if none of this ever occurred. You will make the transfer through Bitcoin (if you do not know how all you need to do is type “how to buy bitcoins” in google)
BTC ADDRESS IS: [removed]
(It is CASE SENSITIVE, copy and paste it)
Note: You have one day to make the payment. (I have a specific pixel within this e-mail, and now I know that you have read through this e mail). DO NOT TELL anybody what you will be transferring the Bitcoins for or they might not provide it to you. The task to obtain bitcoins usually takes a day or two so do not procrastinate. If I don’t receive the BitCoin, I definitely will send out your sextape to all of your contacts including family members, colleagues, and so on. nonetheless, if I do get paid, I will destroy the sextape immediately. If you really want proof, reply with “yes!” and I will certainly send out your video recording to your 15 contacts. It is a non negotiable offer, so please don’t waste my time and yours by replying to this e mail.
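Both samples above share the same skeleton: a quoted password, a claim that a keylogger or remote-desktop tool captured the webcam, a threat to mail the footage to the victim’s contacts, a Bitcoin demand with a pasted address, a one-day deadline, and a claimed tracking pixel. That repetition is what makes the campaign easy to spot at a mail gateway. The block below is an added example, not part of the Hoax-Slayer article: a small indicator-based classifier whose patterns are distilled from the two samples, run over two constructed messages (a condensed scam and a benign IT notice). The Bitcoin address in the sample is a made-up string built to pass the format check only.

```python
"""Flag inbound mail that matches the password-sextortion template.

Added example, not code from the Hoax-Slayer article. The indicator regexes are
distilled from the two sample emails on the page; SAMPLE_SCAM and SAMPLE_BENIGN
are CONSTRUCTED texts and the Bitcoin address is a made-up string.
"""
import re
from dataclasses import dataclass, field
from typing import List

# One point per indicator CATEGORY, so a message that repeats "contacts" five
# times is scored the same as one that says it once.
INDICATORS = [
    ("password_claim", re.compile(r"\bis (?:one of )?your password", re.I)),
    ("spyware_claim", re.compile(
        r"\b(?:keylogger|malware|rdp|remote\s+control\s+desktop|web\s?cam)\b", re.I)),
    ("contact_exposure", re.compile(
        r"\b(?:your contacts|relatives|co-?workers|colleagues)\b", re.I)),
    ("deadline", re.compile(r"\b(?:one day|24 hours|\d+ hours?)\b", re.I)),
    ("crypto_payment", re.compile(r"\bbitcoins?\b|\bbtc\b", re.I)),
    ("tracking_pixel", re.compile(r"\bpixel\b", re.I)),
]

# Legacy base58 addresses (start with 1 or 3; base58 omits 0, O, I, l) and
# bech32 addresses (start with bc1). Case-sensitive on purpose.
BTC_ADDRESS = re.compile(
    r"\b(?:bc1[02-9ac-hj-np-z]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")


@dataclass
class Verdict:
    score: int
    matched: List[str] = field(default_factory=list)
    btc_addresses: List[str] = field(default_factory=list)
    is_sextortion: bool = False


def assess(body: str) -> Verdict:
    """Score a mail body; a payment demand plus coercion indicators trips the verdict."""
    matched = [name for name, rx in INDICATORS if rx.search(body)]
    addresses = BTC_ADDRESS.findall(body)
    score = len(matched) + (2 if addresses else 0)  # a pasted address weighs extra
    demands_payment = "crypto_payment" in matched or bool(addresses)
    return Verdict(score, matched, addresses, demands_payment and score >= 4)


# --- constructed sample inputs --------------------------------------------------
SAMPLE_SCAM = (
    "I am aware [placeholder] is one of your password. I installed a keylogger and "
    "your web browser began functioning as a Remote control Desktop. I made a video "
    "from your webcam. Neglect this and I will send it to each one of your contacts. "
    "Compensate me $1000 via Bitcoin. BTC Address: 1Ez69SnzzmePmZX3WpEzMKTrcBF2gpNQ55 "
    "You have one day. I have a special pixel within this e mail."
)
SAMPLE_BENIGN = (
    "Reminder: your password will expire in 24 hours. Reset it through the IT "
    "portal. Contact your colleagues in the service desk if you need help."
)

if __name__ == "__main__":
    for label, text in (("scam", SAMPLE_SCAM), ("benign", SAMPLE_BENIGN)):
        v = assess(text)
        print(f"{label}: score={v.score} sextortion={v.is_sextortion} "
              f"indicators={v.matched} addresses={v.btc_addresses}")
```

The threshold deliberately requires a payment channel plus at least two coercion indicators: a legitimate password-expiry notice mentions a deadline and colleagues but never a Bitcoin address, so it scores low, while the scam template hits nearly every category. In a real mail pipeline the extracted address is also worth logging, because one campaign typically reuses a handful of wallets across thousands of recipients.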
Important Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.
These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.
Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.
And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.
When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.
I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.
A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.
I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I cannot thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.
Thank you, one and all!