Last week I talked about being sextorted and this week, I want to give you some advice on how to deal with an email like this and how to avoid falling victim in the first place.

How does the scam work?
The victim receives an email stating that their computer has been hacked and the scammer has obtained recordings of them watching porn and masturbating to that porn. The video is often described as split-screen, with one half showing the porn video and the other side of the screen showing the victim masturbating. Now the odds are good that the victim has at least masturbated to porn on their computer. This means that the victim often will believe the scam and will want to send money to make it all go away.

Usually, the email contains a copy of the victim’s password. I’ll go into how the password is compromised in a few. The scammer goes on to state in the email that the hackers installed a trojan on their computer and besides the illicit video, they also have all the contacts on that computer. They then threaten to send the video to everyone on the contacts list unless they send money. The money is usually bitcoin, which is untraceable.

What do I do?
First and foremost, the scammer hasn’t hacked your computer, they haven’t installed a trojan and there isn’t a video (at least not the one that they claim they recorded). Follow the below advice:

1. Don’t respond/reply to the email (the sender’s email is spoofed)
2. Don’t send payment to the scammer
3. Immediately change your email password on the account the email was sent to
4. Visit “Have I Been Pwned?” (http://haveibeenpwned.com/) and check to see where else this email address has been compromised
5. Delete the scam email (mark it as spam if your email system supports it)
6. Get a password vault and use a different password for every website you visit
7. Report it to the FTC (if you live in the United States) https://www.ftc.gov/Complaint

How did I become a victim?
Somewhere, somehow, your password was compromised (“Have I Been Pwned?“), a scammer purchased the database that contained your compromised password and thousands or millions of other compromised passwords. If you go to “Have I Been Pwned?” and enter the email address, you will be presented with a list of compromised accounts that your email account is listed. Basically, a website that you have visited and used that username and password on was hacked and the database was stolen. The stolen database is listed for sale, usually on the dark web. Some scumbag toys around on the dark web and purchases the database. They start spamming everyone on the list, hoping that they will fall for the scam and send them money.

And the really sad thing is that it works, they are making money and they are making big money.

Resources:
BitcoinAbuse – A website dedicated to tracking Bitcoin wallets that are used in scams
FTC Complaint Form