Shocked User Reading Sextortion Scam Email
Home Scams ‘I Have Your Secrets’ Fake Blackmail Sextortion Scam Email

‘I Have Your Secrets’ Fake Blackmail Sextortion Scam Email

by Brett M. Christensen

This email claims to be from a spy͏ware software developer who has your secrets and has harvested “a solid dirt” on you.

Supposedly, the “hacker” used a hardware vulnerability to download malicious code to your device. He/she claims that this malware was used to record you when you visited porn websites. The sender claims that the malware took “photos and videos of your most passio͏nate funs with adult content”.

He/she threatens to send the content he recorded to all of your contacts if you do not send $783 in bitcoin.

Just an idle bluff

However, the supposed hacker has not really installed malware on your computer or made any recordings of you. The email is just an idle bluff designed to trick you into sending money to criminals. These scammers randomly distribute thousands of identical emails to people all around the world in the hope of tricking at least a few people into panicking and paying up.

The scam will be profitable even if only a tiny percentage of recipients fall for the ruse and send money.

There are hundreds of variations of these scam emails. If you receive one, don’t reply. Just hit delete and get on with your day.

“I have your password” and “I sent this from your account” versions

In some versions, the scammers try to make their claims seem more believable by including a password associated with one of the recipient’s accounts.

When they see the password, recipients may assume that the scammers really have accessed their computer. However, that assumption is untrue. In reality, the crooks are getting these passwords from old data breaches. Many people report that the passwords in the emails are old and no longer in use.
That said, if the email includes a password that you are still using, you should change the password immediately. You can check if an account has been compromised in a data breach by entering the associated email address into Troy Hunt’s   “have i been pwned” service.

I discuss the password versions in more detail in a separate report here.

Other versions claim that the email was sent from your own account. The scammers present this as supposed proof that your device really has been hacked. And, if you look at the sender field in the message, it will indeed show your own email address.

However, the email was not really sent from your account. In fact, the scammers are using a simple spoofing technique to make your email address show in the “sender” field.

Here’s the text of the scam email:

Subject: I have your secrets!

Hello

I am a spy͏ware software developer.

18/12/2019 – On this day I hacke͏d your OS and got full acce͏ss to your account [Email Address Removed]

I sent this message from your ac͏count

The hacking was carried out using a hardware vulnera͏bility through which you went online.
I went around the security system in the router, insta͏lled an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
Why your anti͏virus did not detect malware? My malware uses the driver, I update its signatures every 3 hours so that your antivirus is silent.

Since then I have been following you (I can connect to your device via the VNC prot͏ocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I perio͏dically take photos and videos with you.

At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the si͏tes you visit.

I know what you like adult sites.
Oh, yes… I’m know your secret life, which you are hiding from everyone.
I took photos and videos of your most passio͏nate funs with adult content, and synchronized them in real time with the ima͏ge of your camera.
Believe it turned out very high quality!

I’m sure you don’t want to show these files and vis͏iting history to all your contacts.

Tran͏sfer $783 to my Bitcoin cryptocurrency wallet: 1EusKBngvc4DQZ6xoRJihrQL8NR7y1TRhw
Just copy and paste the wallet number when transf͏erring.
If you do not know how to do this – ask Google.

My system automa͏tically recognizes the transfer.
As soon as the specified amount is received, all your data will be destr͏oyed from my server, and the rootkit will be automatically remo͏ved from your system.

Good luck!



 

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer