Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

We respect your Do Not Track preference.

I know your intimate secret and I have proof of this Charles Mabbett
5 June 2019 at 10:03

sextortion

I recently got privacy advice from a blackmailer. The email said he or she had studied my love life and created a video series about me. The first part apparently showed the X-rated video that I watched and the second part, taken with my webcam, showed me doing “inappropriate things”.

He or she warned me that they had hacked my computer and harvested all my contacts from Messenger, my social media networks and email.

I had two options, they said.

“The first option is to ignore this email. Let me tell you what happens if you choose this path.

I will send your video to your contacts, including family members, colleagues, etc.

This does not protect you from the humiliation that you and your family need to know when friends and family members know about your unpleasant details.”

And the second option?

“The second option is to pay me. We will call this "privacy advice." Now let me tell you what happens if you choose this path.

Your secret is your secret. I immediately destroy the video. You continue your life as if none of this has happened.”

They then included a Bitcoin address link and told me to use it to make a payment of $US775, helpfully recommending doing a Google search on “How to buy Bitcoins”.

I had 48 hours to pay.

I didn’t pay.

Sextortion

It’s a scam email, known commonly in the business as a ‘sextortion Bitcoin scam’. Netsafe has a page about them. You can also read about them in this Guardian article and on this blog about malware

The aspect I found most intriguing is that the blackmailer’s email (which incidentally had been captured by our office’s spam filter) appeared have come from my email address.

It seems most email services have no way of authenticating the ‘From’ and ‘Reply to’ fields. This means spammers can fill these fields with anything they like. It gives credibility to their claim they’ve hacked your device and can send emails as you (which they haven’t).

Be aware

But what can you do? The first is to be aware that these techniques are being used. If you encounter them, report it to the Department of Internal Affairs spam team here. Then, delete them. Don’t click on any links and don’t open any attached documents. Finally, make sure that your anti-virus software is up-to-date and working vigilantly.

You’ll then know what to do when a blackmailer emails to say they’ve infected your computer with ‘darknet software’, seized control of your webcam and made a compromising video of you. Because the chances are it’s just not true.

Image credit: iPredator by Michael Nuccitelli (public domain via Flickr)

Back