In its recent article, Cybersecurity of the Philippines-CERT (CSP-CERT) illustrates how sextortion scams happen with victims often left helpless and opt to just give in to the criminal’s demand.
In CSP-CERT’s explanation, people’s common preconception of sextortion is the one where an individual would blackmail his or her partner in exposing a sex video or otherwise it will be uploaded on the internet for the whole world to see.
Cybercriminals are now using compromised username and passwords to commit a scam.
Cybercriminals who were able to pass through security layers in corporate or personal computers claim to have stolen data that would reveal the victim’s online “online activity,” such as watching porn. Criminals will send an email detailing the said activities and threaten victims that they will be exposed to families and friends whose contacts the criminals were also able to obtain. In the said email, the scammer will demand victims to pay $1,000 in Bitcoins.
The elaborate email is threatening enough that the victims will most likely pay up to avoid public humiliation.
CSP-CERT checked the given Bitcoin address <15fz5i8eugbYLAcjANiNXhgRDdUtMd64Hw> based on the actual email from a victim and it doesn’t have anything on it yet. “No transactions and 0 balance,” writes CSP-CERT.
The security team also notes that this is looking to be a “global operation as our Research Science group also saw some victims using the same medium overseas via the article on KrebsonSecurity.”
The team says that “compromised personal computers, laptops, smartphones, and storage devices are some of the sources” of these scams. They noted commands from newly created batch files and power shells in computers and laptops searching files and folders.
“Another avenue you need to be careful is having your gadgets fixed with untrusted shops and repair stations so please be careful and safeguard your gadgets,” writes CSP-CERT.
The team also noted a rise in this kind of blackmailing but some victims choose to not report it either to avoid any public exposure or afraid of the criminal’s threats.
The team advises people to check their email through https://haveibeenpwned.com if their account has been compromised even in the past. “If your email says it was pawned make the necessary changes to your password and make it as strong as possible.”
CSP-CERT also offers steps on what to do should one becomes a victim of a sextortion scam on its site.