We are connected more than ever, from computers, mobile phones, to smart TV and watches. Technology not only brings luxury into our lives but also can bring some danger if we are not careful.
In recent years, we have witnessed an increase in the number of phishing emails not only at an organisation level, but also at a personal level. One common phishing scam identified by the National Fraud Intelligence Bureau in the UK is known as “sextortion”.
Facts and numbers from BBC:
- Police in Northern Ireland have received nearly 170 reports of cyber-related blackmail, known as “sextortion,” in 2019.
- Sextortion is a form of blackmail where a perpetrator threatens to reveal intimate images of the victim online unless they give in to their demands.
- Det Supt Rowan Moore said 167 incidents had been reported by victims ranging in age from teenagers to pensioners.
Facts and numbers from CNBC:
- extortion by email is growing significantly, according to the FBI’s Internet Crime Compliant Center (IC3). Last year, these complaints rose 242% to 51,146 reported crimes, with total losses of $83 million.
- “The majority of extortion complaints received in 2018 were part of a sextortion campaign in which victims received an email threatening to send a pornographic video of them or other compromising information to family, friends, coworkers or social network contacts if a ransom was not paid,” according to the FBI.
The attacker emails their victims with a genuine password that the victim has used, and then attempts to blackmail them by claiming they hacked into the victim’s computer and recorded them watching pornographic videos. Or in other cases, the victim receives an email from the attacker claiming that they have had control over the victim’s devices for a few weeks / months and they recorded the victim watching porn videos.
The victim is given two days or so to do the transaction or the videos will be published online and will be shared with the friends, family and colleagues.
At the end of the email, they are asking for some cash but of course in bitcoin to a bitcoin wallet.
If you receive an email that threatens you, your family, or your property in any way, and asks you to make a Bitcoin payment, don’t take the bait.
Unfortunately, a lot of people will fall for the scam and immediately try to pay the money. However, there is another way to deal with this.
I was a victim at the end of last week (in June 2021), where I received an email to my corporate email address at the end of the business day of the last day of the week, so just before the weekend. This way the attacker ensures that the person they’ve targeted won’t be able to reach out for help. In the email the attacker threatened to “ruin my reputation” publicly if I tried to reach for help or if I didn’t pay the amount asked for within 50 hours.
A lot of countries now have a center that deals with such issues, all that you need to do is to find them first.
Below are my top 6 recommendation on how to tackle such issues:
- Report the email to the authorities (such as a dedicated government email support, your work IT manager or your gmail or hotmail filter by choosing the option report as phishing/scam).
- For privacy get a webcam cover. You can get it from Amazon for less than a 1$ / 1£ / 1€.
- If you don’t have antivirus and anti malware, it is time to get it or check if you have the updated version and scan your devices regularly.
- If you didn’t change your password for so long, it is time to change your passwords for all your emails, devices, and social media channels.
- Always ensure to use a difficult password, and make sure to include special letters, numbers and uppercase characters and lowercase ones.
- Ensure that all your devices, applications, and operating systems are up-to-date.
Receiving such an email can be very distressing, especially since technology allows footage to be manipulated.
And note that if an attack is based on material that they do actually have, they are likely to include a screenshot or a video clip. They want you to pay, so will make a point of proving that they have something against you. In 99% of the cases they wont have such evidence and are simply hoping that they’ll scare you into thinking they might have something that warrants you falling for their blackmail attempt