If You Thought That Sextortion Was Not a Big Deal, Know That Schemers Are Making $100,000 a Month

Sextortion scam emails are extremely unpleasant and intimidating. Usually, scammers claim to have a video of a user watching pornographic content and threaten to send it to his family and friends. Cybercriminals might claim that they were able to gather embarrassing content with the help of malware that provided them access to a victim’s computer. Specialists warn users that even though such scenario is possible, hackers are most likely bluffing. An access to your computer could allow cybercriminals to gather information that would be far more valuable than an embarrassing video of you. Thus, experts advise not to put up with any demands. To learn more about sextortion scams and what you should do if you receive such scam emails, we invite you to read the rest of this blog post.

According to cybersecurity specialists from Sophos, a lot of sextortion scam emails never reach their recipients. Also, some users do not fall for the scam even if they read the hackers’ messages. Nonetheless, the research revealed that hackers made around half a million US dollars from users who did fall for these scams. It took them only six months to gather such a sum, which means cybercriminals make around $100,000 a month from sextortion scams. Unfortunately, it is impossible to stop hackers from sending spam or stop every sextortion scam email from reaching its recipient. The only thing that can help protect users from falling a victim to such scams is learning about them before they get attacked.

How do sextortion scams work?

In most cases, cybercriminals start with finding personal information of a victim that could be presented to him so it would look like the attackers hacked into a user’s computer. Usually, hackers look through databases compiled after various data breaches, attacks during which cybercriminals gain access to systems and expose various sensitive information. For example, one of the most recent data breaches endangered around 350,000 Preen.me users. Such incidents happen every day, so more and more personal data becomes available on the Internet if one only knows where to look for it.

Once hackers obtain an old password or any other piece of information that a targeted victim would recognize, it is time to send the scam email. Usually, such messages claim that attackers managed to hack your computer and were able to record how you were visiting websites with adult content. They add the earlier mentioned personal data to prove that the victim’s computer is infected and that hackers were able to collect various sensitive information. While this part of the message might sound convincing at first, it should raise suspicion. Especially, if the personal data included in the letter is an old password that you no longer use or have not changed for a long time. Would it not be easier to prove that the embarrassing video of you exists by sending a short clip or a screenshot of it? Nevertheless, even if this part is not as convincing, sextortion scam emails also threaten their recipients to send the embarrassing videos of them to their friends and family.

The thought of being humiliated in such a way might be unbearable. Still, we advise remaining strong as it is likely that the video does not exist. It would take sophisticated malicious applications to be able to gain access to your system, web camera, and features alike. Usually, such threats are used on highly targeted attacks when hackers seek extremely sensitive information or want to access a system with thousands of user records. Not to mention, cybercriminals would have to hack thousands of computers and search for users who are watching adult content. Therefore, such attacks would probably cost too much.

Is the email claiming to have a video of me real?

In some cases, cybercriminals make it seem as if the sextortion scam message was sent from the victim’s email. Therefore, it is natural that a user may ask himself the following question: is the email claiming to have a video of me real? In short, the email itself is real and it comes from hackers who know how to make it seem as if the message was sent from your own account. Cybercriminals do so to make it look more convincing that they have access to a victim’s computer or his email account. However, as mentioned earlier, the things mentioned in a sextortion scam email, including stories that your device was hacked and you were recorded while watching adult content, are likely to be lies that were created by cybercriminals to scare you into paying a ransom.

What to do if you receive a sextortion scam email?

Like with any other scam, the most important things to avoid is panicking and rushing. The message might be extremely unpleasant, and it might contain various statements that could make you question everything. For example, you might start wondering if you always cover your web camera or when was the last time that you visited a site containing pornographic material, and whether you might have visited it accidentally. Remember that making you doubt yourself and convincing that you have something to fear for is their tactic. Thus, even if you are scared, specialists recommend ignoring and deleting sextortion scam emails.

However, if the received sextortion scam email says that hackers have one of your accounts’ password, there is something else that you should do. If you are still using the emailed password or have replaced it with a similar combination, you should change this passcode immediately. If you do not, it might be only a question of time till cybercriminals try to take over your account or even multiple accounts if you are using the same password for different sites or platforms. Thus, we recommend replacing the exposed password at once. Each of your account should be protected by a unique and complex password that would be difficult to crack.

If you doubt that you can create and memorize many complex combinations, you could employ a password manager. For instance, Cyclonis Password Manager can generate long and complex combinations that it can store for you in an encrypted vault. It can even log you into your accounts automatically so you would not have to type complex login credentials yourself. If you want to know more about what it can offer, you could continue reading here.

To conclude, it is best to be prepared for sextortion scam messages so that hackers could not catch you off guard. We also recommend making sure that your system is well-protected, because if cybercriminals cannot gain access to it, they cannot control your web camera or gather your sensitive information, which would be worse than having your friends or family see you in an embarrassing situation. Another good reason not to pay ransom is that it prevents hackers from gaining funds for future scams and attacks.