The link between passwords and sextortion
In recent weeks we have seen a massive increase in the number of sextortion attempts with SA’s press shining a spotlight on this increasing social media scourge.
Trusting people, looking for the perfect match, bored partners, or undercover porn viewers are being increasingly targeted by groups of people who work on insecurities, naïvety and poor cybersecurity behaviour to coerce unsuspecting victims into parting with their money in order to prevent public humiliation and embarrassment.
I have seen several versions of the attack, some via WhatsApp and other via email.
The WhatsApp variety is very common; boy meets girl by swiping right. The match is made and introductory texts are exchanged. Almost immediately the beautiful girl shares intimate pictures and asks for the same in return. There is an almost aggressive exchange to ensure that the unsuspecting victim sends compromising photos that include showing their face.
Almost immediately the attacker reveals his/her true intentions and threatens to put the risqué nudes on the Internet, being sure to name the victim’s family members and work colleagues with whom they intend to share the photos. Using information gathered from the texting – they identify victims’ social media accounts and in certain instances, use these details to compromise or hack their accounts. Once the bait is taken they move quickly to reel in their prey.
The tone is menacing and becomes increasingly urgent as they intimidate with threats of exposure and public humiliation. The modus operandi is pretty much always the same – demands for money in order to delete victims’ photos, mostly through eWallet or untraceable money transfers performed at retail stores.
Another alarming trend is for attackers to use compromised and leaked passwords that are easily available on the dark web and cyber underground. The would be attacker then utilises a free email service to deliver the news that they have the victim’s password and have accessed their online activities. This becomes a problem if the attacker has not only accessed the victim’s activities on an adult website or recorded adult videos but has also activated their webcam. The next step is extortion or face public exposure via videos of the victim watching porn.
These messages are mostly poorly written, lack basic grammar and for the most part are identical. It only takes a very small hit rate to ensure a lucrative return. Once you make the payment – they get rid of the pay as you go sim card and move to the next victim.
An extract of one of these emails is below:
Let’s get directly to the point. Nobody has paid me to check about you. You may not know me and you’re most likely wondering why you are getting this mail?
Well, I actually installed a malware on the xxx streaming (adult porn) web-site and you know what, you visited this website to experience fun (you know what I mean). While you were viewing video clips, your Internet browser started operating as a Remote Desktop with a keylogger which gave me access to your display screen as well as Web camera. Just after that, my software gathered all of your contacts from your Messenger, FB, and e-mail account. After that I made a double-screen video. 1st part shows the video you were viewing (you’ve got a nice taste : )), and 2nd part shows the recording of your cam, and it is you.
You have just two choices. Why don’t we check out each of these solutions in aspects?
1st choice is to dismiss this email message. In this instance, I am going to send your tape to almost all of your contacts and also just consider about the shame that you receive. Furthermore should you be in a romantic relationship, precisely how it is going to affect?
Number 2 option should be to pay me $1000. We are going to think of it as a donation. In this situation, I will instantaneously delete your video. You will keep going on daily life like this never occurred and you will never hear back again from me.
You’ll make the payment by Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).
There are numerous ways to combat this, the simplest being to ensure that you stay far away from any illicit websites and another is to ensure that you change your passwords regularly and please do not use the same password on every site, platform and computer.
But above all never take compromising selfies, because, like passwords, they should never be shared.
For more information contact J2 Software, +27 87 238 1870,
By John Mc Loughlin, CEO of J2 Software
- Hits: 1379