Bitcoin Extortion Email
Starting in July a Sextortion email scam has been inundating peoples' inboxes. Some reports show individual email boxes receiving the threatening email 2 - 3 times per day in the last couple of weeks. For those who have visited adult websites and have a webcam either on their laptop or setup nearby, the scam feels pretty scary. However, a critical look at the email shows it for what it is, a scam.
Below is one of the actual emails. The identifying information has been obscured. In every case the Subject reads the individuals email address : password and the password is repeated in the body of the email. Every user we've spoken to has acknowledged that the password provided is a legitimate password that they used approximately 10 years ago. Interestingly everyone we have spoken to has also identified this email / password combination as their original login information when they first setup a Facebook account. None of the individuals are still using this combination and one has said the only place they used this particular combination, to their recollection, was for Facebook. We will be watching closely to see if the source of this database is uncovered.
In all cases we've seen the passwords are legacy passwords. Legacy meaning they do not meet today's password standards as required by nearly every site you create a password to access. The term legacy, as it is used when discussing technology, is defined as something that paved the way to the standards that would follow. These are early passwords, many do not contain alpha and numerical characters. If they do there are few capital letters and definitely no special characters (!@#$%^&*). This allows us to get a fairly good idea of the age of the database being used. Sure plenty of people are still using things like 12345678 or qwertyuiop where they can get away with it, but most sites are forcing people to use more sophisticated passwords.
Reading this, we hope it is clear that this is fake and should be dismissed as such. But remember these guys prey on fear and if you've ever been afraid that someone was using your webcam to record you this scam may lead you to paying the $1,000 - $1,500 being demanded by these criminals.
So just how many people have paid?
As of July 26, 2018 there were 101 verified victims. The Bitcoin address with the verified victim transactions currently has 44.52931433 Bitcoins in it. Based on the July 26, 2018 price per Bitcoin that is $353,185.15 in US Dollars. Unusually the IP address associated with the Bitcoin address is a US address. That may mean these are very unsophisticated criminals who found an old compromised list and are trying to make a few bucks "immidiately" and "what else should I do?" both read like someone threw the email together without much care. Or it could be a more sophisticated group masking their IP address behind a domestic one.
Email scams, using Bitcoin as the payout, are a lucrative business. These scams aren't going anywhere. If anything they will likely continue to be more prolific. Always remember fear is the name of their game, if you read an email that scares you, stop and really look into it before you pay!