Imagine opening your email to see a message from a seemingly legitimate source. The message says that unless you submit a payment in the form of bitcoin, the sender will release compromising photos or information to friends, family and coworkers.
The scam is called sextortion and is a digital variation of an old scheme.
How Do Sextortion Scams Work?
A hacker claims in an email message that they have gained access to your device and sensitive information. You don’t know if it’s photos, emails, text messages or access to online accounts and your mind begins to race.
The hacker issues very vague threats about releasing the information to an employer, friends and family, or posting the info on social media. In some cases, the hacker may share information about what they have.
In return for not releasing the information, hackers usually want payment in the form of digital or cryptocurrency, often in the form of bitcoin. The cybercriminal requests an immediate transfer of funds. Because cryptocurrencies use blockchain technology, which is nearly impossible to trace, the hackers know it will be difficult to identify them or track your money.
Why Do People Believe Cyberthieves Looking to Sextort Money?
Even if the claims are untrue, a cybercriminal may reveal a specific password, given you enough “evidence” to cause panic. The hackers may not even indicate which accounts have been hacked; given how many of us reuse passwords, there’s a likelihood that multiple accounts could be compromised if one password is stolen.
Even if there is no sexual content to hack, there may be other embarrassing or private information that you do not want to reveal. Hackers know this and know you’re more likely to pay up just to avoid any potential exposure.
How Do Hackers Get This Information?
In many cases, the information is purchased on the Dark Web, the seedy underside of the internet where criminals trade stolen data. A hacker may buy thousands or millions of hacked records, knowing it only takes a few unsuspecting victims to recoup an investment in stolen information.
How Prevalent is Sextortion?
During one wave of sextortion, the Federal Bureau of Investigation’s Internet Crime Complaint Center received 13,000 complaints in July and August 2018 about a sextortion scheme. In the U.K., the National Crime Agency reported 1,304 cases in 2017, up from 428 in 2015.
What Can I Do to Prevent Sextortion?
First, know that if you’re contacted by one of these scammers, you’re likely being played. Do not fall for the scheme and do not pay the ransom. Here are a few tips to keep yourself protected:
- Change Passwords. If the hacker shows you a legitimate password, change it immediately on all of your accounts. Using a password manager utility is a good way to manage your login credentials.
- Use New Passwords. Never reuse old passwords and use a combination of uppercase and lowercase letters, numbers and special characters.
- Consider Passphrases. Use a long-form passphrase to make it more difficult to have credentials compromised.
- Add Multifactor Authentication. Two-factor authentication uses two different pieces of information — one known to you (your password or passphrase) and one unknown (such as a code that’s texted or emailed to you at the point of login).
- Cover It Up. Cover the camera on your device with a camera cover or piece of electrical tape.
At LAN Infotech, we help companies keep their systems, networks and users protected. Discover how LAN Infotech’s comprehensive security solutions keep unwanted intruders away by contacting us today.
LAN Infotech is a Microsoft Cloud Services Provider, IT Managed Support company and a leader in helping law firms, nonprofits and medical organizations deploy cloud solutions, manage computer networks, keep data protected and top technology management company. Businesses like yours need technology support to run highly-effective organizations.