Sextortion Scam: Blackmail scam emails that demand Bitcoin
Sextortion scam emails have become a disturbingly common occurrence in people’s inboxes. These menacing messages claim the sender has hacked your computer, recorded you visiting adult websites or engaging in compromising acts via your webcam, and will share the embarrassing video with all your contacts unless you pay a ransom in Bitcoin.
But here’s the reality: in the vast majority of cases, the blackmail scam is a complete bluff. The attacker doesn’t actually have any incriminating video or access to your computer. They’re simply trying to prey on your fears to pressure you into sending them money. Let’s take a closer look at how these extortion scams work and what you can do to protect yourself.
What is Sextortion?
Sextortion is a scam via email or any other medium to blackmail the victim and threaten to expose private data like photos, web browsing history, chat history, etc. Generally, these sextortion scammers send emails & claim that they have gained access to the victim’s device, and installed a Trojan virus by logging into an email account. To make this claim appear genuine, the attacker will usually send the email with the subject “Payment from your account.” The sexual leverage is then applied, claiming that your activity is being recorded through the controller of your devices like the camera, microphone, etc.
The attacker could threaten the victims by publicly exposing their private data if the payment is not made to the Bitcoin address mentioned in the email.
In recent times, we have seen that sextortion scam is still active, and scammers are demanding USD 1550 through the Bitcoin wallet by threatening the same activities mentioned above. Below is an example of an email sextortion scam:
Figure 1: Revealing bitcoin wallet address
In the email, to exploit & make the situation of panic, it is mentioned that the victim has 48 hours to transfer USD 1550 to the scammer’s bitcoin wallet, identified as 1665CsfFELrfiiubFZtLsGHGuqbUz1wXcz.
Why are hackers demanding payment in the form of bitcoins?
Bitcoin has become the currency of choice for cybercriminals engaged in extortion email from hacker schemes. This is because Bitcoin offers a high degree of anonymity compared to traditional payment methods.
When you send or receive Bitcoin, those transactions are recorded on a public ledger called the blockchain. However, the blockchain only shows the Bitcoin addresses involved, not the real-world identities behind them. This makes it very difficult to trace who is sending or receiving the cryptocurrency.
Scammers can easily create new Bitcoin addresses for each victim and have the funds forwarded through a series of wallets to obscure the trail. Some criminals use “mixing” services that jumble bitcoins from different sources to make them even harder to track.
Scammer’s Bitcoin Wallet Abuse Report
When researchers examined the Bitcoin wallets provided in sextortion scam emails, they often find those addresses have received a substantial amount of cryptocurrency from a large number of transactions. This suggests that at least some recipients are frightened enough to pay the ransom.
For example, one wallet tied to a sextortion campaign was found to have engaged in 21 transactions and received a total of 0.4218701 BTC, equivalent to over $13,000 at the time. The funds had not moved out of the wallet, indicating the attacker was likely stockpiling the proceeds and waiting for more payments to come in before cashing out.
Criminals may reuse the same Bitcoin addresses across multiple extortion email from hacker campaigns to streamline their operations. Victims are encouraged to check if a suspicious Bitcoin address has been reported on sites like BitcoinAbuse before considering any payment. These crowdsourced databases can help identify wallets affiliated with sextortion scam and other fraudulent activities.
Figure 2: Bitcoin wallet abuse report
Should you worry about sextortion emails?
Sextortion scam messages are designed to make recipients panic. They use psychological manipulation tactics to instill a sense of dread and shame in hopes of clouding your judgment and pressuring you into paying up to make the problem go away.
But in reality, there is no problem. The whole scenario is a fabrication.
If you receive an email threatening to expose video of you, take a deep breath and don’t let it rattle you. Carefully examine the message for signs that it is a generic mass-mailing being sent to thousands of potential victims:
The email doesn’t address you by name, just by your email address
The wording is vague and doesn’t include any specific details about you
The message contains glaring grammar and spelling errors
The ransom demand is in Bitcoin or another cryptocurrency
The email originates from a suspicious domain or free account like Gmail or Yahoo
How to Protect Yourself from Sextortion Scams
While sextortion scam emails can be unnerving, there are steps you can take to insulate yourself from these schemes and minimize the chances of them reaching your inbox in the first place:
Enhance Online Privacy
Be cautious about how much personal information you share online. Revealing too many details about your life on social media and other public platforms can give scammers ammunition to make their sextortion scam threats seem more credible.
Opt out of “people-search” sites that compile personal details from public records and social media to build a profile on you. Remove yourself from data broker lists to reduce your digital footprint.
Be Skeptical of Unsolicited Emails
Be particularly wary of email extortion attempts that pressure you to pay in cryptocurrency. Legitimate businesses will almost never demand payment in Bitcoin or other digital coins.
Don’t click on links or attachments in unsolicited emails, as they may contain malware. If a message appears to be from a company you do business with, visit their official website directly rather than following any links.
Report Suspicious Emails
If you receive an email threatening to expose video of you or making other extortion scams demands, report it to the appropriate authorities. You can file a complaint with the FBI’s Internet Crime Complaint Center (IC3) or contact your local law enforcement.
Forward the email to your email provider’s abuse department, as they may be able to block similar messages from reaching other users. You can also report the Bitcoin address on sites like BitcoinAbuse to warn others.
Stay Safe: Quick Heal’s Guidance for Sextortion Scam Survivors
Take appropriate actions to keep your account safe
Your account information may have been leaked online. It is advisable to change your password immediately to avoid unauthorized access to your funds. Do not worry if your password is mentioned. Presumably, it has been tracked down from a previous data breach.
Stay alert! Do not give any money or other identification details to anyone.
If you have shared any bank account details, disclose the incident to the bank. If you have transferred the money via an online money transfer platform such as Bitcoin, the transaction is likely to be untraceable, and you may not get your money back.
Conclusion
Sextortion scam emails have unfortunately become a common hazard in the digital world. While the threats can be distressing, it’s important to recognize that they are almost always a bluff. The sender is trying to trick you into paying by preying on your fears. Don’t engage, and certainly don’t send money.
By staying informed and following best practices for online security, you can avoid falling victim to these internet extortion scams. Don’t let criminals scare you into surrendering your hard-earned money.
No Comments, Be The First!