Scareware isn’t a new trend – we’ve been seeing fake “FBI warnings” on our computer screens long enough that even the most technology naive among us knows not to pay their “online fine”, and the crime of extortion has been around as long as humanity has used currency. Unfortunately for all of us, cybercriminals have put a new twist on the scareware scam in what the media is dubbing “Sextortion”. The scam is as lurid as it sounds, basically tricking victims into believing their “not safe for work” (NSFW) online browsing habits are about to be exposed to their friends, colleagues and family unless a bitcoin amount is paid to keep the naughtiness under wraps.
The “gross” anatomy of this scam
Like others of its ilk, this is a straight-up scam, but the method used can produce a hair-raising response through the application of a diabolically clever trick: the scammer uses information found online to produce the illusion that they can “see you” and “know what you are doing” when in fact you are just the recipient of a mail-merge template. The trick is simple: they are pulling email and password pairs from any one of numerous illicit databases that are lurking in the dark corners of the internet, and then plugging that information into a template and mass spamming emails in the hopes that a small percentage actually fall for the con and pay the extortion fee. What’s different about this latest effort is the relatively sophisticated language and diction used which gives the appearance of someone who might actually be capable of the things they allege in the email. The terminology and activities described are written to target individuals who have used their device to look at porn on the web (which many people do, no surprise there), and when paired with the shock of seeing a familiar password right there on the subject line, many reflexively reach for their wallets.
A colleague also shared with me that the scammers are actually sending this same extortion note via actual mail, perhaps thinking that if their potential victim sees the threat printed in black and white on something they can hold in their hands it will have more weight. And it does, but only for the extortionist as now they’ve committed a federal felony.
Either way, don’t fall for this scam, and don’t let your friends, family and colleagues fall for it as well. Share this story, if only to ease the conscience of someone who may be secretly worried about their privacy. They should be, but not over this sorry piece of flim-flammery. For real reasons why they should be worrying about privacy, check these stories out.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
