I Received a Sextortion Email – DON’T FALL FOR THIS SCAM!
I received an interesting email in my mailbox this week.
Like you I am used to receiving the odd, “I have like a trillion dollars in this country and need your help to move it” type emails, but this one was very different.
This was my first ever ransom email from someone claiming to have taken over my computer and have recorded me “satisfying myself”!
Even though I am not new to scam emails I was a little taken aback. I mean I know that I am outside my masturbation challenge that I did some-time ago – so did this guy REALLY have such embarrassing footage?
The email was pretty convincing primarily because they included one of my old passwords that I regularly used a few years ago.
Despite the persuasive email (which I have included in full below) it outlines how they obtained the clip and how I can make this potentially embarrassing situation go away. Simply by sending a LOT OF MONEY to a cryptocurrency wallet!
It’s very persuasive, but THIS IS A SEXTORTION EMAIL SCAM!
Let me tell you why I know this and what to look out for, so you don’t fall foul of this email scam.
How does this email scam work?
The nature of this email scam is to convince me that they have recorded me unknowingly whilst watching online porn and then pleasuring myself.
Aside from the natural point that I would never do such a thing (just in case you’re reading mum), reading the sextortion email in full below you’re probably thinking that it’s very convincing right?
It is, mainly because the scammer uses a previous password that you would recognise.
It’s very clever, but the biggest tell-tell signs that this is a “fishing” email (that’s right not a phishing one), is they haven’t used my name in the email.
Surely if they have my email address and an old password they would know my first name?
The fact is they have gotten my details from a security breach from a website that I have or had an account with. Considering I used this particular email address for most accounts some years ago it’s not surprising this one was used.
This is also the case with the password they used.
The practice of choosing passwords has changed these days with websites and services often requiring more sophisticated passwords, and for them to be changed regularly. Back when I was using the old password you could pretty much keep the same password indefinitely.
When complaining about needing to change passwords it’s worth keeping this in mind – it maybe a pain in the arse but can help protect you from dickhead scammers like this one!
Why the Scammers use Monero Cryptocurrency
To be 100% clear the Monero (XMR) coin is not a scam and it’s a legit Cryptocurrency like Ethereum and Litecoin. Unfortunately it’s become a popular crypto coin has the transactions are anonymous, making it easier for scammers to move money around.
Monero has been dubbed the privacy coin and has a reputation for darknet payments. The ability to conceal nearly all the details of the transactions make it ideal for illegal purposes, hence the popularity with online scammers.
If you send money to a Monero crypto wallet you’re not going to be able to easily chase this, if at all. So, please do not send any money using Monero in response to a sextortion scammer.
Website Security Breaches Over the Years
It’s very likely that the scammer has got your email address and password from a website security breach, and then maybe sold online.
There have been many website security breaches in recent years. Here are a few of the well-known ones from companies you will have heard of:
- Dropbox: In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
- Adobe: In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text.
- Bitly: In May 2014, the link management company Bitly announced they’d suffered a data breach. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords.
- Dailymotion: In October 2016, the video sharing platform Dailymotion suffered a data breach. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
- Disqus: In October 2017, the blog commenting service Disqus announced they’d suffered a data breach. The breach dated back to July 2012 but wasn’t identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames.
- MyFitnessPal: In February 2018, the diet and exercise service MyFitnessPal suffered a data breach. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords
- ShareThis: In July 2018, the social bookmarking and sharing service ShareThis suffered a data breach. The incident exposed 41 million unique email addresses alongside names and in some cases, dates of birth and password hashes. In 2019, the data appeared listed for sale on a dark web marketplace
- Canva: In May 2019, the graphic design tool website Canva suffered a data breach that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords.
Here is the Complete Sextortion Email Scam
So, here is the email in full from the delightful chap trying to extort money from me – I have removed my old password, for obvious reasons.
Hey, I know your password is: ******
Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn’t updated / patched, in such case it’s enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more – Google: “Drive-by exploit”.
My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won’t even notice about it.
I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!
After that I removed my malware to not leave any traces.
I can send the video to all your contacts, post it on social network, publish it on the whole web, including the darknet, where the sick people are, I can publish all I found on your computer everywhere!
Only you can prevent me from doing this and only I can help you out in this situation.
Transfer exactly 1200$ with the cryptocurrency Monero (XMR) to my Monero (XMR) address.
You can easily buy Monero (XMR) here: www.anycoindirect.eu/en/buy-monero , www.bitnovo.com/buy-monero-online-en , www.localmonero.co , or Google for other exchanger.
You can send the Monero (XMR) directly to my address, or create your own wallet first here: www.mymonero.com , or here: www.cryptonator.com , www.freewallet.org , then receive and send to mine.
It’s a very good offer, compared to all that horrible shit that will happen if I publish everything!
My Monero (XMR) address is: 4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nUMXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5vWtANQubDtNq5uuC622w4we
Copy and paste my address, it’s (cAsE-sEnSEtiVE), yes that’s how the address looks like and you don’t need to include memo or something else.
I give you 4 days to transfer the Monero (XMR), because some exchanger want your verification first before you can buy Monero (XMR).
As I got access to this email account, I will know if this email has already been read.
If you get this email multiple times, it’s to make sure you read it, my mailer script has been configured like that and after payment you can ignore it.
After receiving the payment, I will remove everything and you can life your live in peace like before.
Next time update your browser before browsing the web!
What Should I Do if I receive a Sextortion Email?
- Firstly, don’t panic. Take a deep breath and remember your reaction is EXACTLY what the scammer is trying to trigger.
It’s VERY LIKELY that your email, name, and password was probably stolen from a compromised website sometime in the past. These website breaches are unfortunately fairly common and sometimes hear about them in the news when companies announce a security breach.
- Scan your computer with anti-virus software to be sure you don’t have any malware installed.
- Search for the cryptocurrency wallet address online and see if other people have reported this too. I looked up the wallet address and found this, so this scammer has been busy the last few months!
- For complete webcam privacy you can cover your webcam camera when not in use by using a simple piece of tape over the lens like Lifehacker suggest here. My wife does this on laptops and all tablets!
- DO NOT reply to the email under ANY circumstances as the scammer will then know your email address is currently used and that you’re worried. They may try and play on this insecurity and try to extort further money from you.
I am of course flattered that these scammers believe private footage of me “satisfying” myself is worthwhile viewing online. It’s really not, believe me!
So, sorry guys for the few of you that were keen to see embarrassing clips of me “satisfying myself” this isn’t going to happen anytime soon – and hopefully not in the future!