2018 has seen a major increase in sextortion scams, and large volumes of emails are still being sent. While there are many types of sextortion scams, two of the most common involve spoofed emails from law enforcement agencies and emails from hackers who claim to have installed malware that has recorded users via their webcams.
Both of these types of scam claim the user has been caught visiting questionable or illegal pornographic websites.
BleepingComputer has recently reported that a new variant of the former has been detected. The emails appear to have been sent by the CIA and state that the recipient is being investigated as part of a major operation into the distribution and storage of pornographic material involving underage children.
The recipient is informed that their email address has been verified in relation to accessing the above content. The email claims the user’s personal information, address, work address, and a list of relatives and family members are detailed in an attached PDF file. The user’s email address is also included in the body text of the email. The user is informed that the CIA plans to make arrests starting April 19, 2019.
The PDF file is password protected and the user is required to use the password supplied in the email to open the file. The PDF file demands payment of $5,000 in Bitcoin in order to have the user’s details erased from the CIA database.
Netsec News has received an email involving a new variant of the second form of scam. The email claims to have been sent by a supposed hacker who has installed malware that has recorded the user visiting pornographic websites.
The email claims the malware gave the hacker access to the webcam and the user’s browsing history, and that footage has been recorded of the user’s actions while visiting adult sites. The hacker threatens to send the video, which has been spliced with the content that was being viewed at the time, to the user’s friends, family members and associates.
The scammer demands payment of $2,000 in Bitcoin to remove the malware and delete the video file. A copy of the message is detailed below. The Bitcoin address has yet to receive any payments at the time of posting.
In both cases, these are simply scams and the emails should be deleted.