September 2024 - Sextortion Scams

An ongoing email scam, commonly referred to as "sextortion," has recently adopted a more personalized approach. These deceptive messages now include a photograph of the recipient's residence, enhancing the illusion that their webcam footage—allegedly captured while engaging in intimate activities—is at risk of being publicly exposed. This added element is designed to heighten the intimidation factor and make the threat seem more credible.

Sextortion, including scams that are semi-automated and lack any real physical leverage, is a serious crime that can have severe consequences for victims. It occurs when someone threatens to share your private and sensitive material unless you provide them with explicit images, sexual favors, or money.

This week, several individuals at the university have reported receiving sextortion emails that address them by name and include images of campus parking lots, seemingly sourced from online mapping applications like Google Maps.

 

EB Parking Lot

 

These emails falsely claim to be from a hacker who has compromised your computer, alleging that they have used your webcam to record a video of you while viewing explicit content. The message threatens to share this video with all of your contacts unless you pay a ransom in Bitcoin. The amount demanded in this instance is nearly $2,000, with payment requested via a QR code embedded in the email.

The email begins with a salutation that includes the recipient’s full name and continues with a message that reads, “Is visiting [recipient’s street address] a more convenient way to contact if you don’t take action? Nice location, by the way.” This is followed by a photo of the recipient’s street address.

The email then warns that recipients have 24 to 48 hours to make the payment, or their purportedly compromising videos will be shared with all their contacts, including friends and family.

“Don’t even think about replying to this, it’s pointless,” the message continues. “I don’t make mistakes, [individual's name]. If I notice that you’ve shared or discussed this email with someone else, your * video will instantly start getting sent to your contacts.”

The remaining sections of the sextortion message, which is sent as a PDF attachment, follow a familiar template seen in many prior sextortion schemes. These sections typically include claims that the scammer has installed malware on your computer—in this case, the email specifies the name of a popular spyware and asserts that the attacker is monitoring all your activities on the device.

According to the FBI, in many cases of sextortion, the perpetrator is an adult posing as a teenager, and you may be just one of many victims being targeted by the same individual. If you believe you are a victim of sextortion or know someone who is, the FBI encourages you to report it. You can contact your local FBI office or call 1-800-CALL-FBI.

The FBI recommends the following precautions to help protect yourself from becoming a victim of sextortion:
- Turn off or cover your webcam when it’s not in use to prevent unauthorized access.
- Avoid opening attachments from unfamiliar senders, and exercise caution even with attachments from people you know.
- Never send compromising images of yourself to anyone, regardless of who they claim to be.