Skip to Content
Security & privacy

Malware alert: Frightening sextortion scam is back and spreading faster than ever

Catching malware on your computer is bad enough. Seeing your computer turn into a zombie that spams extortion messages to millions of people is even worse.

Hackers continue to find creative ways to commit crimes, and one method is quickly rising in popularity: sextortion. A new type of sextortion malware is spreading around. Click or tap here to learn if your internet accounts have been compromised.

We have the latest details on how a convincing sextortion campaign has already scammed hundreds out of their hard-earned savings. If you receive a threatening email in your inbox, avoid opening it at all costs.

Phorpiex wants you to join the racket

Sextortion scams are nothing new, but these harassment and fraud campaigns are getting more complex and dangerous. According to reports by BleepingComputer, an email malware called Phorpiex is responsible for an uptick in sextortion messages.

This malware is more than a decade old, but it seems to have added a new feature to its payload that forces the infected computer to automatically send even more malicious emails.

Here’s how it works: When you open the infected email, Phorpiex immediately installs itself on your system. The message claims a hacker knows you’ve been watching pornography.

They demand a bitcoin ransom or they’ll send recordings of you to all your contacts. Meanwhile, the malware hijacks your PC and sends more of these malicious messages to emails stolen from a hacked database.


RELATED: New sextortion scam in the corporate world.


To make the message more convincing, hackers often display a password the user will recognize inside the email. This doesn’t mean the hackers have successfully broken into any accounts, though. They obtained the emails of their victims from hacked databases, and many of these email addresses had passwords associated with them already.

By harnessing stolen resources, the hackers behind Phorpiex have managed to steal around $96,000 worth of bitcoin from their victims. PCs infected by malware send spam messages at a rate of 30,000 emails per hour, so there’s no telling how much cash these cybercriminals will manage to net before their scheme is shuttered.

How can I protect myself from Phorpiex and sextortion emails?

It’s important to realize the extortion messages are empty threats. As researchers have noted, the passwords they offer as “proof” that they’ve compromised your computer are pulled from the same stolen database as your email address.

This applies not only to Phorpiex, but to many sextortion operations. If a hacker really hacked your system and wanted to extort money from you, they’d use ransomware instead of a roundabout threat.

But knowing the hackers’ threats are empty doesn’t make your computer any more safe. Once you’ve opened the email, it’s already too late.

If you’ve opened any threatening messages lately, run an antivirus scan on your PC as soon as possible. Doing so may allow you to spot the threat and eliminate it before your computer helps infect others. For more help, click or tap here to see our recommendations on the best security software to download to your computer.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days