Beware of email messages that claim a hacker has infected your computer and recorded you through your camera during an intimate moment. The email messages are part of a worldwide sextortion scam where attackers send email messages to their victims in an attempt to trick them into sending them cryptocurrency in return. The email messages typically claim that the target’s computer was hacked and they were recorded during a private moment before asking them to make a payment to have the video deleted or removed.
The email messages may also appear to be sent from the target’s email account in an attempt to make it appear as if the hacker did actually hack the target’s computer. However, an email spoofing service was likely used to make it appear this way. In reality, the email account was not compromised.
Here’s a look at what the email message might look like:
Subject: I RECORDED YOU!
Hey! Check the sender of this email (From:), I sent this email from your account!
Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn’t updated / patched, in such case it’s enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more – Google: “Drive-by exploit”.
My malware gave me full access and control over your computer, I got access to all your accounts (that’s how I sent this email) and it was possible to see everything on your screen, turn on your camera or microphone and you won’t even notice about it.
I was spying on you and I RECORDED YOU SATISFYING YOURSELF!
After that I removed my malware to not leave any traces.
I can send the video to all your contacts, friends, post it on social network, publish it on the whole web!
But, you can stop me!
Transfer exactly 1200$ with the current bitcoin (BTC) price to my bitcoin address.
You can easily buy bitcoin here: www.coingate.com , www.coinbase.com , or Google for other exchanger.
You can send the bitcoin directly to my address, or create your own wallet first here: www.login.blockchain.com/en/#/signup/ , then receive and send to mine.
My bitcoin address is: 19DNX7dsEMzeuZU8RfaAoNNVVUDJPc6KCU
Copy and paste my address, it’s (cAsE-sEnSEtiVE)
I give you 3 days time to transfer the bitcoin.
As I got access to this email account, I will know if this email has already been read.
If you get this email multiple times, it’s to make sure you read it and after payment you can ignore it.
After receiving the payment, I will remove the video.
Next time update your browser before browsing the web!
The email message above is just one version of this email message. There may be many others and different Bitcoin addresses used and the Bitcoin address may be an address linked to numerous scams including other sextortion email scams.
The reason why people receive this email message is that their information was leaked online, most likely following a data breach of a service the target uses. It is possible that the target’s information was shared or sold in bulk on the dark web following a breach. (Scan your email address to obtain a free analysis: https://haveibeenpwned.com/)
Since your account information may have been leaked online it is strongly advised to change your password immediately to avoid unwanted access. Also, change the password to other accounts you use to ensure your privacy. In addition, we advise you to follow these best practices when making a new secure password:
- Do not reuse the same password for multiple accounts. Use unique passwords wherever possible.
- Use strong passwords with numbers, letters, and special characters such as !@$#.
- Use two-factor authentication to add an extra layer of security along with your password.
- Use a reputable password manager if you have trouble remembering multiple passwords.