‘I know your dirty little secret’ sextortion email scam campaign

I know your dirty little secret

Sextortion email scams became popular in late 2018 and they don’t seem to be slowing down anytime soon. One of the latest sextortion email scam campaigns that’s currently going around at the moment employs a deceptive email message that says a hacker recorded you through your web camera while you were watching mature videos and ‘playing with your stuff.’

Next, your web-cam started to record you playing with your stuff, on top of
that i captured a footage that you’ve viewed.

The email message says that your system was toxified with malware and a hacker gained access to your device and now has access to your private data. Your web camera then started recording you while you in an intimate moment.

The purpose of the email scam is to scare you into making a Bitcoin payment to the email scammer. If you don’t pay up the message suggests that they will send the video of you to your contacts including friends, family, and colleagues.

A Bitcoin wallet used by the email scammer is 1NVoCSEDYrwd6xWbcCRt441CJRfs56Q9Ej and this wallet currently has no transactions posted to it which is a good sign.

Here’s a transcript of the email message:

Subject: I know your dirty little secret
From: Olivia

Howdy,

I hope you will not really mind my language grammar, because i’m from
Philippines. I toxified your system with a malware and now have your private
data out of your operating-system.

It was established on a mature site then you’ve selected the video clip and
it, my application instantly gain access to your os.

Next, your web-cam started to record you playing with your stuff, on top of
that i captured a footage that you’ve viewed.

Just after a short while in addition, it pulled out your social contact
information. If you ever wish me to clear off your everything i have got –
send me 670 dollars in btc its a crypto-currency. Its my btc account address
– 1NVoCSEDYrwd6xWbcCRt441CJRfs56Q9Ej

At this moment you will have 21hours. to produce a decision As soon as i
will receive the transaction i’ll wipe out this footage and every thing
completely. If not, please be sure this evidence would be sent to all your
buddies.

Do Not Reply to This Email

As you can see the email message might sound frightening to some people and seem real because it may show you your past or current password. However, the email message is just another sextortion scam and there have been many like it in the past.

Even if your device does not have a camera you will still receive a message that says they recorded you through your camera. And even if you have never visited an adult website you will still receive a message saying that you did.

The downside to receiving this email message is that your email address and other information may have been leaked online following a breach that occurred on a website like Yahoo, Adobe, LinkedIn, and Experian. Sensitive data such as your name, email address, password, and telephone number may be floating around somewhere on the dark web or someone may have been able to purchase a list that obtained your information.

To see where your information may have been leaked or which breach your information was obtained from go to https://haveibeenpwned.com/ and submit your email address. You will receive a free detailed analysis instantly.

If you want to make sure your computer is not infected with malware and that no one can gain access to your online accounts I recommend that you change all your passwords and scan your computer for malware.

Make sure to employ some of these best practices when making a new secure password:

  • Do not reuse the same password for multiple accounts. Use unique passwords wherever possible.
  • Use strong passwords with numbers, letters, and special characters such as !@$#.
  • Use two-factor authentication to add an extra layer of security along with your password.
  • Use a reputable password manager if you have trouble remembering multiple passwords.

And finally, here are instructions to scan and completely remove malware from your computer using Malwarebytes and HitmanPro:

How to scan your computer for malware

1. Download Malwarebytes Anti-Malware software to scan your device and remove malicious files and potentially unwanted programs.

2. To install the program, locate and double-click the executable file you just downloaded. The file can usually be found in the Download folder.

install malwarebytes

3. Choose if this is for home or work use and click Agree and Install to begin installing Malwarebytes. Once the installation is complete, click Finish.

scan now

4. Once Malwarebytes is installed, open the program and click the Scan Now button on the dashboard – or go to the Scan tab and click the Start Scan button.

quarantine selected

5. When the scan is complete click the Quarantine Selected button.

6. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.

7. Download HitmanPro to perform a second-opinion scan and remove any remaining malicious trace files. A second-opinion scan is important when removing malware and malicious files from your computer.

8. To install the program, locate and double-click the executable file you just downloaded. The file can usually be found in the Download folder.

9. Once HitmanPro is installed, open the program and click Next to start scanning your device. *If you are using the free version you may choose to create a copy or perform a one-time scan.

10. When the HitmanPro scan is complete, click the Next button.

11. To activate the free version of HitmanPro: enter your email address twice and click the Activate button.

12. Click the Reboot button.

Sean Doyle

Sean Doyle is an engineer from Los Angeles, California. Sean's primary focuses include Cyber Security, Web Spam, and Online Marketing.