Sextortion Phishing Email Scam.
Don’t fall for it.

What is Sextortion? 

Sextortion is social engineering blackmail scam using fear of one’s privacy to extort bitcoin ransom. Don’t fall for it. Don’t Panic.

Phish Sextortion takes advantage of your fear that your most private moments will be exposed to the public. It usually starts with an email. The hacker or phisher by using fear misleads you into believing they have gained access to your computer, your files, your browsing habits and hardware like microphone and webcam. Porn sites are a business and will not give out your credentials or viewing habits of their visitors as this would greatly affect their business model. It is very difficult to take control of one individual’s hardware and then extort them. This model like many phish scams is aimed far and wide in the hope at least of few of the 1000s emails will panic, react and take the bait. Don’t fall for it. Don’t Panic.

How does Sextortion Phishing Email Scam work? 

It works by triggering your fears. If the hacker or phisher really had access to your computer, your ransom request would not come via external email but rather on your screen. You would see a copy of your explicit video on screen. The hackers use this claim of a recording you, to instil fear with the aim to blackmail you. They threaten to send the recording to your contacts, friends and family if you don’t pay the ransom. They do not have any recordings of you, it is social engineering techniques, to try to scare and shame you into paying.

In some versions of this email phish, the sextortion scam email subject line can include your password (new or old) and a small bit if personal information. Don’t panic. However, while this makes the email scam appear more credible, the scam is designed to play on your emotions so that you panic into an emotionally driven illogical reaction. Many 1000s of targets are emailed, the phisher is gambling that someone will react and enough people will respond in fear to make it worth pursuing. Furthermore, you will be emotionally triggered so that you will be phished, take the bait and pay the ransom. They use sales techniques like limiting the time period for paying, creating panic reactions as well providing a list of threats they will take to harm or expose you.

To make the scam appear more real they will spoof your email address to make it look as if your system is hacked. Spoofing or copying your email address is easy and common. Spoofing is where the receivers’ and senders’ emails are the same, i.e. yours. If you see an email addressed to you from your email address, it creates the illusion the phisher has access to your system. They do not, as why would a hacker send an email, an external service if they were inside your computer? Don’t fall for it. Don’t Panic. 

Common characteristics of Sextortion Phishing emails:

Bad Spelling and poor Grammar
Passwords (old or new) are revealed to install legitimacy.
Claims use of Remote Access Trojan (RAT) that has control over your computer or email account
Email Spoofing
Threats
Bitcoin Payments

How to protect yourself against Sextortion Email Blackmail?

Dont fall for it. Don’t Panic.
Zero Trust Policy. Treat all emails with suspicion, even emails that appear to be a legitimate internal company or organisational communications, emails from suppliers; especially emails from senders and suppliers you don’t recognise.
Delete the Sextortion email blackmail and mark it as spam.
If the threats are coming through your computer, ie not from external sources like email, install/update all anti-virus software. Update your router’s password and then Wi-Fi passwords. Contact an IT Company that can clean your PC.
Switch off, cover or hide the camera and microphone of your computer when you are not using them.
Routinely check all your devices for viruses and malware.
Update systems and programs installed on all your devices.
Regularly change passwords to complex alpha-numerical 16 characters. Use different password variations for each online account.
Do not send compromising photos. If the recipient is safe, a misplaced phone or tablet can easily provide access to a phisher.
Never open email attachments from unknown parties as they main contain macros that cannot be detected by antivirus software. 50% of all emails contain trackers or web beacons, personalised uniquely to your email. Don’t download images in your email client. View email as plain text or use an Email Privacy service or antitracking tools.
Do not pay the Sextortion email blackmail demanded ransomware.
Check if your email addresses have been involved in a data breach. Use https://haveibeenpwned.com/ If your email address is listed, make sure you update your password on any of the affected sites.

Sextortion Email Blackmail Examples.

I regret to inform you about some sad news for you.
Approximately a month or two ago I have succeeded to gain a total access to all your devices utilized for browsing internet.
Moving forward, I have started observing your internet activities on continuous basis.

Go ahead and take a look at the sequence of events provided below for your reference:
Initially I bought an exclusive access from hackers to a long list of email accounts (in today’s world, that is really a common thing, which can arranged via internet).
Evidently, it wasn’t hard for me to proceed with logging in your email account john@hotmail.com

Within the same week, I moved on with installing a Trojan virus in Operating Systems for all devices that you use to login to email.
Frankly speaking, it wasn’t a challenging task for me at all (since you were kind enough to click some of the links in your inbox emails before).
Yeah, geniuses are among us.

Because of this Trojan I am able to gain access to entire set of controllers in devices (e.g., your video camera, keyboard, microphone and others).
As result, I effortlessly downloaded all data, as well as photos, web browsing history and other types of data to my servers.
Moreover, I have access to all social networks accounts that you regularly use, including emails, including chat history, messengers, contacts list etc.
My unique virus is incessantly refreshing its signatures (due to control by a driver), and hence remains undetected by any type of antiviruses.

Hence, I guess by now you can already see the reason why I always remained undetected until this very letter…

During the process of compilation of all the materials associated with you,
I also noticed that you are a huge supporter and regular user of websites hosting nasty adult content.
Turns out to be, you really love visiting porn websites, as well as watching exciting videos and enduring unforgettable pleasures.
As a matter of fact, I was not able to withstand the temptation, but to record certain nasty solo action with you in main role,
and later produced a few videos exposing your masturbation and cumming scenes.

If until now you don’t believe me, all I need is one-two mouse clicks to make all those videos with everyone you know,
including your friends, colleagues, relatives and others.
Moreover, I am able to upload all that video content online for everyone to see.
I sincerely think, you certainly would not wish such incidents to take place, in view of the lustful things demonstrated in your commonly watched videos,
(you absolutely know what I mean by that) it will cause a huge adversity for you.

There is still a solution to this matter, and here is what you need to do:
You make a transaction of 690 USD to my account (an equivalent in bitcoins, which recorded depending on the exchange rate at the date of funds transfer),
hence upon receiving the transfer, I will immediately get rid of all those lustful videos without delay.
After that we can make it look like there was nothing happening beforehand.
Additionally, I can confirm that all the Trojan software is going to be disabled and erased from all devices that you use. You have nothing to worry about,
because I keep my word at all times.

That is indeed a beneficial bargain that comes with a relatively reduced price,
taking into consideration that your profile and traffic were under close monitoring during a long time frame.
If you are still unclear regarding how to buy and perform transactions with bitcoins – everything is available online.

Below is my bitcoin wallet for your further reference: 1Ls2ED6BRKkjApvczyzB8VRdpFy626iguK

All you have is 48 hours and the countdown begins once this email is opened (in other words 2 days).

The following list includes things you should remember and avoid doing:
> There’s no point to try replying my email (since this email and return address were created inside your inbox).
> There’s no point in calling police or any other types of security services either. Furthermore, don’t you dare sharing this info with any of your friends.
If I discover that (taking into consideration my skills, it will be really simple, because I control all your systems and continuously monitor them)
your nasty clip will be shared with public straight away.
> There’s no point in looking for me too – it won’t result in any success. Transactions with cryptocurrency are completely anonymous and untraceable.
> There’s no point in reinstalling your OS on devices or trying to throw them away. That won’t solve the issue,
since all clips with you as main character are already uploaded on remote servers.

Things that may be concerning you:
> That funds transfer won’t be delivered to me.
Breathe out, I can track down everything right away, so once funds transfer is finished,
I will know for sure, since I interminably track down all activities done by you (my Trojan virus controls all processes remotely, just as TeamViewer).
> That your videos will be distributed, even though you have completed money transfer to my wallet.
Trust me, it is worthless for me to still bother you after money transfer is successful. Moreover, if that was ever part of my plan, I would do make it happen way earlier!

We are going to approach and deal with it in a clear manner.
Bye.

Sextortion Email Blackmail Examples.

dgardneruugk@gardnermarsh.com

Your personal data has leaked

Hi,

I’m a prof. hacker and have successfully managed to hack your operating system.
Currently I have gained full access to your account.

I’ve been watching you for a few months now ╭ ᑎ ╮

The fact is that your computer has been infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain.
Trojan virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.
I also have access to all your contacts and all your correspondence.

You may be wondering why your antivirus cannot detect my malicious software.
The malware I used is driver-based, I update its signatures every 4 hours.
Hence your antivirus is unable to detect its presence.

I made a video showing how you satisfy yourself in the left half of the screen, and the right half shows the video you were watching at the time.

With one mouse click, I can send this video to all your emails and contacts on your social networks.
I can also make public all your e-mail correspondence and chat history on the messengers that you use.

I believe you would definitely want to avoid this from happening.
Here is what you need to do – transfer the Bitcoin equivalent of $730 to my Bitcoin account (that is rather a simple process, which you can check out online in case if you don’t know how to do that).

Below is my bitcoin account information:
1AyLWnrMcToF2vBnsE3SzwirXFhuc4jpUC

Once the required amount is transferred to my account, I will proceed with deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 52 hours (more than 2 days).
I will receive a notification right after you open this email, hence the countdown will start.

Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.

Take care and have a good day.

Sextortion Phishing Email Scam.
Don’t fall for it.

Sextortion is social engineering blackmail phish scam using fear to extort bitcoin ransom. Don’t fall for it. Don’t Panic.