Email Scams

Email Scams

Posted by TRENDMicro on Dec 16th 2021

Common Types of Blackmail and Sextortion Scams — And How to Deal With Them

What are “sextortion” email scams?

One example is the sextortion email scam, where an aspect of sexual content, emphasized by scammers as shameful, persuades you into doing their bidding — e.g., intimidating emails claiming that you have been observed doing something sensitive while watching pornographic videos.

There are also blackmail email scams, in which scammers claim that your corporate, personal or health information has been found leaked in a data breach. The sender threatens to send the pictures, videos or sensitive information to all of your contacts unless you pay them money. These scams are very common and continue to evolve.

3 sextortion explanations the scammer use (to explain how they have access to your camera and privacy):

  • They set up malware on porn website.
  • They penetrated with “zero-click” vulnerability on Pegasus or Zoom.
  • They got your email account, password from hackers.

The context of scam emails has the same pattern for some time, and usually the only thing that changes is the Bitcoin address where you can pay the amount demanded.

What should I do if I receive these emails?

  • DO NOT PAY THE RANSOM! And more importantly DO NOT REPLY, because sometimes a scammer will escalate if you reply. If they really had a video or picture of you they will at least show some proof like a screenshot. If they allege that they have your corporate, personal or health information they should have shown a sample of it as well.
  • Don’t open any attachments. Don’t take the chance, it might contain real malware.
  • Just in case they show you a password of yours, double check if it is an old password. Scammers buy dumps of old email accounts and passwords on the darknet that were disseminated in data leaks.
  • If they show you a password that you are currently using, change it. Never use that password again and it is recommended to use Two-Factor Authentication.
  • Sometimes the email will appear to be sent from your own email address as “proof” that they have hacked your computer and your email account, but this is only a trick called email spoofing. When your email address is spoofed, you can ask your ISP for help in filtering out emails that fail authentication.
  • You can report such emails to the FBI.

Why Do Blackmail/Sextortion Emails work?

It is because of fear. People assume they will never be a victim but in reality, we are prone to phishing attacks. Well-fabricated explanations by a scammer will likely make the scam more credible. The fear will do the rest and with the addition of shame, people can make irrational decision.

Keep Calm & Carry On

It can be scary, but remember that these scam emails are designed to inject fear. If they really have what they are claiming they have, they will provide an accurate sample to you. It is either a screenshot of the video or a sample of personal/corporate information.

These scams are very common and continue to evolve. Tragically, sextortion email scams have led victims to suicide, including a case involving five separate men in the UK and one in the United States. These are just a few of these types of cases. If you’ve found this helpful, please do SHARE with family and friends and help protect them.