Cybercriminals use many techniques to extort money from unsuspecting victims. One recent technique uses a sextortion scam campaign to embarrass users into giving criminals money.
Sextortion Scam
This new scam targets users of the Xvideo.com website. It attempts to trick users into thinking that hackers have access to their webcams. The scammers send the users an email claiming they have recorded them using a malicious script.
The email also states that the hackers have stolen data and contact details. They even include old passwords obtained from third-party data breaches. These hackers then demand $969 worth of bitcoins or they threaten to publish the material.
Profitable Business
In an article published on the website Bleeping Computer, the scammers have had a lot of success with this type of extortion.
Lawrence Adams writes: “As these scams have been extremely profitable, with attackers earning as much as $50k in a week with little or not cost to spam them out, we should not expect to see them stop any time soon.”
The article also published a copy of the email received by users of the Xvideo.com site.
Scam Email
In the email sent to users, the hackers make it seem like they have access to the user’s webcam. “When you were watching videos, your browser began functioning as a RDP with a key logger which gave me access to your display and also web camera.”
They then go on to mention the “humiliation you will definitely get” if this recording was published.
They even go into how the user can find out about bitcoins by searching Google.
The instructions given to the user, tell them to send the bitcoins to a BTC address 18z5c6TjLUosqPTEnm6q7Q2EVNgbCy16Td.
Other types of sextortion scams trick victims into installing a malicious attachment. This attachment then allows the hackers to deliver data-stealing software and ransomware.