ESET Provides Advice On Not Being “Sextortion” Email Victim

A new “sextortion” campaign has been detected making the rounds in North America and Europe.

Discovered early last month, the spam emails that were detected by ESET’s research laboratory have been trying to dupe unwitting victims by referring to old passwords that have been part of old data breaches.

The new scam borrows, or rather builds upon, the previous versions. The scammers start with an alarming message right off the bat to get the victim’s attention, usually by including one of the victim’s old passwords that was probably stolen as part of a previous data breach. Moving on, the fraudsters claim that the victim’s device was infected by some form of malware when visiting a porn website, and that allowed them to obtain both the victim’s password and access to their device. The scammers then purport to have made a video of the victim and the alleged “not safe for work” content.

Once the cybercriminals have scared their potential victims enough, they demand a sum to be paid within 24 hours or the embarrassing video will be released. They usually want the payment to be made in bitcoin.

After analyzing some of the cases stemming from this new sextortion scam campaign, ESET researchers found that it probably started sometime around the 8th or 9th of April.

To help Canadians avoid these attacks, ESET has complied the following tips for detecting and avoiding sextortion scams:

Utilize Google

By simply googling the word scam in quotes, along with a phrase used in the suspect email you can easily investigate if people have received similar (fake) emails.

Contact your computer security vendor

There is a very good chance that their tech support may know about it already, and that the company is preparing to block the next wave of such attacks if not blocking them already. And if they are not aware of this variant, they will certainly want to know so that they may protect their customer.

Contact your email provider

Whether it is Gmail, Outlook, your company’s IT department, or some other entity, it’s not good to allow scams (one of many forms of spam) in their customers’ Inboxes. So, let them know, which will assist them to tweak their spam filters.

For more tips about online safety, please visit: www.welivesecurity.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: