[ALERT] The Video Blackmail Scam

Category: Security

A new phishing email scam is making the rounds. It claims to have compromising video of victims and threatens to send it to all of their contacts unless hush money is paid. Yesterday, a reader wrote to me about one, and by coincidence I received one today. Here is how it looks and why you should not be taken in...

Beware The “I Have You On Video” Scam

The sender claims to be a hacker who planted malware on my PC. He explains, using techy buzzwords, that malware monitored all of my activity and started recording when I (supposedly) visited a p*rn site. It also claims to have captured video of me “having fun” via my PC’s webcam. Simultaneously, the email says, it captured all of my email contacts, Facebook friends, and so on.

And now, everyone I know will get a copy of this highly embarrassing split-screen video showing my dark deeds unless I send $3,000 in Bitcoin to a cryptocurrency wallet address that’s included in the email. Calling the cops would be futile, of course, since the crook is anonymous and no doubt based overseas.

To add credibility to his claims, the email contains an actual password that I have used. "I am well aware Q123456Z one of your pass," the hacker taunts in his opening sentence. Bad grammar aside, that put a shiver in my spine. I was pretty sure that this was indeed a password I once used for an online account.

Video Blackmail Phishing Scam

Wow! If you’re into online p*rn, a "sextortion" attempt like that may very well work. Who among the guilty can afford to take the risk that the sender is bluffing? Of course, I knew it was a bluff instantly; for one thing, my computer doesn’t have a webcam!

Phishing is very much a matter of playing the odds, and the odds are pretty good that some percentage of the recipients of this email are consumers of "adult" content, and have a webcam. One well-known p*rn site gets more than 75 million visitors every single day. It’s hard to buy a laptop that lacks a webcam; they are standard equipment. So this phish probably gets a lot of bites.

Here's How I Knew...

But even if I met the two essential criteria, the phish would not have convinced me that my PC had been compromised. If there was a compromising video, a screen capture from it would have been the very first thing I saw when I opened the email. That’s how to grab attention and knock a victim off guard!

Also, the email never mentioned my name. My unwanted correspondent wanted me to believe that he knew all the most intimate details about me. He omitted my name only because he has no idea who I am!

Finally, a thorough scan of my hard drive with multiple anti-malware tools showed nothing suspicious. That’s possible if the crook is using a tool that has not been reported to the security community. But such tools are rare, and their anonymity is short-lived.

But what about that password? It was in fact one that I had used. But after a bit of head-scratching, I remembered that it was a password for an account that I had used over 10 years ago. That site, now a defunct social media venture, was breached, and the list of user credentials has been circulating on the dark web for many years. All this hacker had to do was get his hands on that list of usernames and passwords, and send out a mass mailing to his potential scam victims.

It doesn’t take much thought to see right through attempted blackmail emails like this one. As long as you don’t panic and act out of fear instead of reason, this sort of phish should be a source of amusement rather than angst.

Have you gotten a similar blackmail phishing scam email? Your thoughts on this topic are welcome. Post your comment or question below…

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 14 Aug 2018


For Fun: Buy Bob a Snickers.

Prev Article:
Does Chromebook Deserve Laptop Respect?

The Top Twenty
Next Article:
Secret Foistware Blocker in Windows 10

Most recent comments on "[ALERT] The Video Blackmail Scam"

(See all 36 comments for this article.)

Posted by:

Karan
14 Aug 2018

I received this email in late July .. it also included a still used, but very old password (most uses are for wholesale jewelry sites, though in the day, it was obviously used for a breached site). After my heart stopped pounding I thought, hey .. no way that's possible! And I agree, a real convincing version would have included the split video. I Googled it shortly after I got it and found $$ amounts significantly less than my $2,500. You mention $3,000, so I'm thinking they're starting to get fewer responses, better up the ante. Dastards.


Posted by:

Mark Madere
14 Aug 2018

I got a couple of these recently with some variation in each one. I forwarded the last one to spam@uce.gov. I haven't received another one since.


Posted by:

Ken Albrecht
14 Aug 2018

My wife got 1 2 months ago claiming she visited 1 p*rn site too many and please send $300 somewhere to get the incriminating evidence destroyed (ha!). The English instruction was laughable. Someone in China just learning slanglish making 6th grader demands. We listened, had a good laugh, dumped it.


Posted by:

TOM
14 Aug 2018

Thank`s for the info, it is very enlightening.I have never received such an e-mail,but now I know what to look for.Ounce again thank`s.


Posted by:

Chuck
14 Aug 2018

Got one about 2 weeks ago. It had an old password I had used for Microsoft but had been changed quite a while ago. Also I laughed about the p**n comment - haven't done that in years. I wrote back to him (he already had my email, "I am a 14 year old girl. I told my dad and he is so furious at you he contacted the police." Haven't heard from him since, but I knew it was a scam anyway. He only wanted $1900 in bitcoin.


Posted by:

jonniebgood
14 Aug 2018

I don't bother to open anything I don't recognize at first, I just dump it. My desktop has no web cam. My laptops are taped over. And all of my computers are turned off when not in use.

I get a lot of spam, but almost all of it comes through my email account with Microsoft. The subject lines should be a dead give away, but MS must have the poorest spam filters or none at all. I get almost no spam from the 3 email accounts I have with my ISP.

I got off Facebook 6 years ago and am on no social media sites. Where do you think they get some of your info??

In spite of some "privacy" statements, I truly believe that many web sites sell your information.
And it is sold over and over until it gets into the hands of the most dishonest people.


Posted by:

thenudehamster
14 Aug 2018

I get a selection of these obviously fraudulent emails several times a week; Apparently my Apple account has been compromised (I don't have one) my PayPal account has been suspended (some hours before I paid for something with PayPal), my account with a bank I have never done business with has been compromised, and many more. Usual procedures - either laugh and delete immediately, or if it looks plausible, hover over the link and see where it leads. NEVER click on a link in an email - real ones will tell you to log into their site, but NEVER from an active link.
If one of these 'extortion' scams arrives, my response would simply be "Go ahead!" I'm not sure what is actually "socially reprehensible" these days - and I don't care if people know what I do anyway. It'd bore them to death.


Posted by:

Stephe
14 Aug 2018

Shame upon you Bob, you should practice what you preach — Q123456Z isn't a very secure password! ;o)

EDITOR'S NOTE: Of course that wasn't my actual password. I always use "Monkey123" for social media passwords. :-)


Posted by:

Vince
14 Aug 2018

I too don't have a webcam on my PC screen. I would laugh and tell them to please publish it; all my friends think I'm the most boring guy around. It would improve my street creds, lol.


Posted by:

Roger Hass
14 Aug 2018

Yup we got several of these.
The question remains, "From under which rock did these Anus Rectus's crawl ?"
Then I am reminded that some were sent to addresses with no cameras ☺☺☺


Posted by:

SamG
14 Aug 2018

Same threat here. No webcam. And mine said, "if you don't believe this, reply with YES. And we'll email all your contacts." So I replied with YES. (I'm single, nothing to lose, don't have a life) Email was bounced back. Also at the end of the email, it stated it cold not be replied to! DUH!


Posted by:

Isa Rose
14 Aug 2018

I think this scam was inspired by this episode of Black Mirror: "Shut Up and Dance" If you haven't seen Black Mirror on Netflix, you are missing the most chilling tech based horror series around.


Posted by:

Robin Henry
14 Aug 2018

I’ve had a cover over my laptop webcam for years ever since it operated once without my use. It flashed on and off-obviously took a photo.


Posted by:

John
15 Aug 2018

All unknown phone calls go to messages first and I delete emails that are obviously bogus.

Too bad I can't receive this scam message... I would ask them to send me extra copies so I can forward them to people not on Facebook!


Posted by:

Judyth
15 Aug 2018

I got my first one of those some weeks back and, though I've never watched the stuff and always tape over webcams, the password thing threw me (pre-morning-coffee) for a moment. Since then, I've received several from different sources.
If even .5% of recipients fall for it, the senders will keep doing it. Since probably almost everyone has had an account password hacked at some point (hello, Adobe, Yahoo, Target, etc.) they have millions of opportunities to find the gullible.


Posted by:

Robert Bailey
15 Aug 2018

I got a similar email. They wanted $5,000.
I also don't have a webcam!

Oddly enough, and perhaps it was just a coincidence, the next day I received two recorded phone calls from someone who claimed to be a police officer. He wanted me to call back immediately about "fraudulent" use of some financial account.

The phone kept ringing all day, but they would never leave a message- only if I picked up the phone would I get the message.

I phoned the real police about it and they said they were getting a lot of calls about it this scam.

I live in Canada, and the (real) police said the phone calls are coming from outside Canada, so it is difficult for them to do anything.


Posted by:

Old Man
19 Aug 2018

I didn't get an email, but I did get a pop-up saying they knew my password (which was valid for a couple of sites, but any I normally use), and would do something or other (I didn't bother to read it all) unless I paid them a huge amount.
I just rebooted the computer to get rid of it (didn't bother trying the "X"). Then I did a complete malware search with three programs. Nothing was found.
I still started having some computer problems, so I reloaded the previous image. No problems after that.


Posted by:

Mike
11 Sep 2018

Thanks Bob. I just received one such email. It is disconcerting that the extortionist knew an old password. If a video exists of me salivating, a recipe site has been hacked. I have no camera attached to my pc. This phisher could spend some the BTC 5000 "donation" and take some basic English lesson.


Posted by:

Carol Mills
13 Oct 2018

Bob, I am so grateful that you are available online. Please be there always. I trust your judgement, and I appreciate the reply you sent. It calmed me down a bit. My partner yells at me constantly about giving out info, but I don't think I have made public anything important. And I DO understand that Publishers Clearing House does not notify WINNERS by telephone.


Posted by:

cedricus
25 Oct 2018

I just said "go ahead I am a dedicated exhibitionist".


There's more reader feedback... See all 36 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- [ALERT] The Video Blackmail Scam (Posted: 14 Aug 2018)
Source: https://askbobrankin.com/alert_the_video_blackmail_scam.html
Copyright © 2005 - Bob Rankin - All Rights Reserved