In just one week, scammers have extorted more than $50,000 in payment via bitcoin from victims of the most recent extortion campaign which we originally reported to you last week.
This latest spam email contains a black mail message addressed to unsuspecting victims claiming that the “scammer” has recorded video footage of the victim utilizing adult porn websites and that if a certain amount of money in bitcoin payments wasn’t sent to the scammer’s bitcoin address by a certain time, the scammer would send the video out to all of contacts on the victim’s social media account.
Back when this most recent scam started, SecGuru, a security researcher, started tracing the bitcoin addresses that the scammers were using, and he was shocked by the number of people that were actually paying out on these blackmail extortion scams.
After reviewing 42 bitcoin addresses associated with the scam, SecGuru found out that 30 of the victims had already paid the scammers’ blackmail demands and the total amount that had been paid out was more than $50,000. SecGuru expects that this amount will increase as more bitcoin addresses are examined.
One of the bitcoin addresses was paid 2.54 bitcoins (equaling over $18,000), from a combination of 8 different victims.
The phony extortion email falsely claims that malware had been installed on the victim’s pc and webcam video footage of them using adult websites was collected. Actual passwords to the victims’ email addresses were used in these messages to make the threat look more legitimate. These passwords had actually been acquired through previous data breach leaks from hacked sites.
Some of the passwords were old ones, but had been used previously by the victims. The appearance of these valid passwords apparently scared enough of the victims to actually pay the demand instead of just deleting the email message.
You can read the entire extortion message here.
If you actually end up receiving one of these messages with one of your actual passwords in it, you should change your password immediately and setup 2-step verification whenever available. Also, at https://haveibeenpwned.com/ you can view which data breaches your account credentials have been included in.
Let us know your comments on this below.