That creepy sextortion scam we’ve been warning you about is getting multiple makeovers and beware – it’s now slipping through workplace email and spam filters quite easily.
To refresh your memory, a sextortion scam is an email that claims that someone has installed malware onto a porn site that you have visited and with some unknown “software magic,” they have video evidence of your “private” moments.
But don’t be fooled. It’s just another good old blackmail/online extortion scheme that tries to scare you into ponying up your hard-earned cash to these cyberscammers. It’s still going strong so it probably is profitable, and many people are actually getting duped.
New variations to this “sextortion” scam are constantly being added to make it more convincing. Your email addresses, old passwords, your name – but watch out!
They’re just ways for these scammers to scare you into giving in to their demands.
Let’s take a look at their latest techniques and learn how to spot sextortion scams before it’s too late.
Sextortion is getting a corporate makeover
Last year, sextortion emails were mostly sent out via large-scale spam campaigns with more or less the same generic content. The only variation may be the included email, phone number, name, or stolen password of a would-be victim.
With the same keywords and message contents replicated and pasted over and over, this made them easier to catch with email spam filters.
Because of this, these scammers have started changing their tactics. Majority of sextortion scams now contain subject lines with some kind of security warnings and to evade spam filters, the attackers are now varying the contents of their emails. That’s according to new research published by computer security firm Barracuda.
Here’s a warning to business owners and IT administrators. Corporate sextortion scams are also on the rise and attackers have started targeting employees with personalized emails.
And here’s the twist — since these emails can be embarrassing, workers seldom report these emails to avoid getting into compromising situations.
To evade email filters and security software, scammers have started using hacked Office 365 and Gmail accounts that are legitimate, as well. These emails don’t contain malicious links nor viruses either since infecting computers with malware is not their goal.
The subject lines, though, are getting more personalized, scary and threatening. They’re social engineering tactics at their worst.
Email subject lines to watch out for
To spot these sextortion emails from a mile away, Barracuda’s data revealed the most common sextortion subject lines. Watch out for anything that resembles these:
Security warning subject lines:
- firstname.lastname@example.org was under attack change your access data
- Your account has been hacked you need to unlock
- Your account is being used by another person
Password-change subject lines:
- Change your password [password] immediately your account has been hacked
- Hackers know your password [password] password must be changed now
Threatening subject lines:
- You are my victim
- Better listen to me
- You don’t have much time
- You can avoid problems
- This is my last warning email@example.com
Some subject lines also mimic customer service emails and they may include references to a customer service ticket number or incident report.
Most targeted companies
The most targeted industry appears to be the education sector (55%), followed by the government (14%) and in third place are business services organizations (11%).
The increased focus on the education sector is apparently a conscious move by these scammers. Since schools typically have a majority of young users who may be less aware of computer security and are more hesitant to report these types of emails.
How come they have your email, name, old passwords and phone numbers?
So how do these scammers manage to get your information?
As we said before, with the number of data breaches that are seemingly occurring every day, your email address, real name and even your old passwords are not that hard to acquire. These databases are typically available for sale on the dark web and even on public file sharing sites.
Remember, even if you do get a threatening email addressed to your name or with your old password and phone number attached, please don’t fall for it!
What to do when you receive one
If you do receive a sextortion email, report it as spam and then delete it, it’s as simple as that. Don’t be intimidated by the blackmailing attempts and big hacker terms like “RDP” or “keylogger;” it’s just another way for these scammers to bully you into believing that they are what they claim to be.
Aside from threatening subject lines, what are the telltale signs that an email is just another sextortion attempt?
First, although the scammer has your personal information, the attackers do not really have your browsing activity, the porn website nor any actual proof of the “video evidence.”
Second, usually, the scammer is offering “evidence” of the recording by sending the video to someone you know. As you would suspect, this offer is simply just another scam in itself and it actually discourages you from asking for the proof in the first place.
If it’s real, the blackmailer will at least send you concrete proof of the video such as a short clip, a screenshot, or heck, even the whole video itself.
Third, they’re almost always full of blatant misinformation, technical errors and urgent threats that force you to act quickly.
And lastly, if you receive any threatening emails of this sort, please don’t give in by paying the ransom. If you do, then just like what General Hudson said in “Aliens,” that’s when it’s “Game over, man. Game over…”