[ALERT] The Video Blackmail Scam
A new phishing email scam is making the rounds. It claims to have compromising video of victims and threatens to send it to all of their contacts unless hush money is paid. Yesterday, a reader wrote to me about one, and by coincidence I received one today. Here is how it looks and why you should not be taken in...
Beware The “I Have You On Video” Scam
The sender claims to be a hacker who planted malware on my PC. He explains, using techy buzzwords, that malware monitored all of my activity and started recording when I (supposedly) visited a p*rn site. It also claims to have captured video of me “having fun” via my PC’s webcam. Simultaneously, the email says, it captured all of my email contacts, Facebook friends, and so on.
And now, everyone I know will get a copy of this highly embarrassing split-screen video showing my dark deeds unless I send $3,000 in Bitcoin to a cryptocurrency wallet address that’s included in the email. Calling the cops would be futile, of course, since the crook is anonymous and no doubt based overseas.
To add credibility to his claims, the email contains an actual password that I have used. "I am well aware Q123456Z one of your pass," the hacker taunts in his opening sentence. Bad grammar aside, that put a shiver in my spine. I was pretty sure that this was indeed a password I once used for an online account.
Wow! If you’re into online p*rn, a "sextortion" attempt like that may very well work. Who among the guilty can afford to take the risk that the sender is bluffing? Of course, I knew it was a bluff instantly; for one thing, my computer doesn’t have a webcam!
Phishing is very much a matter of playing the odds, and the odds are pretty good that some percentage of the recipients of this email are consumers of "adult" content, and have a webcam. One well-known p*rn site gets more than 75 million visitors every single day. It’s hard to buy a laptop that lacks a webcam; they are standard equipment. So this phish probably gets a lot of bites.
Here's How I Knew...
But even if I met the two essential criteria, the phish would not have convinced me that my PC had been compromised. If there was a compromising video, a screen capture from it would have been the very first thing I saw when I opened the email. That’s how to grab attention and knock a victim off guard!
Also, the email never mentioned my name. My unwanted correspondent wanted me to believe that he knew all the most intimate details about me. He omitted my name only because he has no idea who I am!
Finally, a thorough scan of my hard drive with multiple anti-malware tools showed nothing suspicious. That’s possible if the crook is using a tool that has not been reported to the security community. But such tools are rare, and their anonymity is short-lived.
But what about that password? It was in fact one that I had used. But after a bit of head-scratching, I remembered that it was a password for an account that I had used over 10 years ago. That site, now a defunct social media venture, was breached, and the list of user credentials has been circulating on the dark web for many years. All this hacker had to do was get his hands on that list of usernames and passwords, and send out a mass mailing to his potential scam victims.
It doesn’t take much thought to see right through attempted blackmail emails like this one. As long as you don’t panic and act out of fear instead of reason, this sort of phish should be a source of amusement rather than angst.
Have you gotten a similar blackmail phishing scam email? Your thoughts on this topic are welcome. Post your comment or question below…
This article was posted by Bob Rankin on 14 Aug 2018
|For Fun: Buy Bob a Snickers.|
Does Chromebook Deserve Laptop Respect?
The Top Twenty
Secret Foistware Blocker in Windows 10
There's more reader feedback... See all 34 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- [ALERT] The Video Blackmail Scam (Posted: 14 Aug 2018)
Copyright © 2005 - Bob Rankin - All Rights Reserved