A new variant of an old scam is currently gaining traction and is fooling many people into paying scammers money to avoid having sensitive information exposed.
The scammers claim to have added malware to adult sites which has been downloaded onto a user’s computer. The malware is allegedly capable of taking full control of the webcam, which has been used to record a video of the user while they were visiting pornographic websites. The scammers say they have explicit footage which will be made public and sent to all the user’s social media contacts, which have similarly been stolen by the malware.
To avoid the embarrassment from the publication of the video, the user is required to make a Bitcoin payment. The payments requested have ranged from $200 and $700.
This is of course a scam. The emails have been sent in a huge campaign and are speculative. Just like the many other phishing scams that are sent every second of every day, it is a numbers game. The scammers are relying on a small percentage of email recipients being fooled.
Even though there is no mention of the website that was allegedly visited, and no copy of the video linked in the email, the scam has proven successful with some users. Out of fear they have paid up.
A second version of the scam is also being sent that has added credibility. The attackers have included highly personal information in the email that suggests the email does not contain an empty threat. The email includes the user’s password as confirmation that their computer has been compromised.
This version of the scam comes with a much higher demand for payment. Emails containing the password require a payment in the thousands. Some of the emails have asked for up to $8,000 to avoid publication of the video.
This too is a scam and an empty threat, albeit a much more realistic scam. The password has not been obtained via malware, instead it has been purchased along with a batch of other compromised credentials from past data breaches or has been scrapped from a list of credentials that have been posted online. This information could have come from any number of data breaches and the password is likely to be old.
However, for individuals that reuse old passwords or never change their passwords, the emails will be particularly chilling. And more effective.
According to one security researcher who has been tracking the Bitcoin wallets associated with this scam – of which there are more than 300 – the scammers have already been paid around $250,000 in Bitcoin.
If you receive an email such as this don’t panic and don’t pay. This is a scam, but there are steps to take immediately.
The scammers do not have a video of you, but they do have your password. First of all, change all of your passwords and use a unique, strong password for all accounts. Visit haveibeenpwned.com and enter your email address to find out which site was breached. The site will tell you where the password was obtained (if known) and if it has been posted online.
Further scams such as this can be expected along the same theme. They may include malicious links or malicious attachments. The best course of action is to ignore the emails, but if the password is current, action is required to secure your accounts.