A new sextortion scam has been discovered that tries to fool the recipient of the message into believing their email account has been compromised and that their computer is under full control of the hacker.
The hackers trick he user’s email address so that it appears that the message has been issued from the user’s email account – The sender and the recipient names are the exact same.
A quick and simple check that can be performed to deduce whether the sender name shown is the actual account that has been used to send the email is to click forward. When this is completed, the display name is shown, but so too is the actual email address that the message has been broadcast from. In this instance, that check does not work making it seem that the user’s email account has actually been compromised.
The messages used in this campaign try to extort money by suggesting the hacker has obtained access to the user’s computer by means of a computer virus. It is alleged that the virus gives the attacker the ability to review the user’s internet activities in real time and use the computer’s webcam to record the user.
The hacker claims that the virus was placed to the computer due to the user viewing an adult website and that while viewing internet pornography the webcam was active and recording. “Your tastes are so weird,” states the hacker in the email.
The hacker claims that they will synch the webcam footage with the content that the user was looking at and send a copy of the video to all the user’s partner, friends, and relatives. It is said that all the user’s accounts have been compromised. The message also has an example of one of the user’s passwords.
While it is very unlikely that the password given in the email is valid for any of the user’s account, the message itself will still be worrying for some individuals and will be enough to get them to make the requested payment of $800 to have the footage erased.
However, this is a sextortion scam where the hackers have no leverage as there is no virus and no webcam footage. However, it is clear that at least some recipients were not willing to take a risk.
According to security experts SecGuru, who received a version of the email in Dutch and found a similar English language version, the Bitcoin account used by the hacker had received payments of 0.37997578 Bitcoin – $3,500 – in the first two days of the attack. Now 7 days after the first payment was completed, the earnings have grown to 1.1203 Bitcoin – $6,418 – with 15 people having paid.
A similar sextortion scam was carried out in the summer which also had an interesting twist. It implemented an old password for the account that had been downloaded from a data dump. In that instance, the password was real, at least at some point in the past, which made the scam seem authentic.