Online scammers have been innovating of late. In the last month, one group of ne’er-do-wells has sent out spam emails telling recipients they’ve been caught watching porn through their webcam, and if they don’t pay, all their dirty laundry will be aired in public. That’s not new. But putting a novel twist on that scam, the crooks are sending through passwords they claim to have stolen as proof they have been spying on the victim. So far, more than 150 people have coughed up $250,000 in Bitcoin for fear of their private Web browsing habits being exposed.
And yet the claims that the hackers have stolen passwords and obtained access to webcams appear to be lies. The perpetrators of this particular deception have simply collected passwords from previous data breach leaks. Nevertheless, they’re duping enough people, making more than 30 Bitcoin in a matter of weeks, according to a cybersecurity expert who has been tracking the attacks. And, the researcher said, the cybercriminals have now made three times as much as the individuals behind WannaCry, the ransomware that spread rapidly around the world in 2017, causing disruption at hospitals and other businesses.
According to a Netherlands-based security researcher who goes by the name SecGuru, there are two variants of the spam email. The first does not come with a stolen password and asks for between $200 and $700. The second contains a password and asks for between $1,900 and $8,000. In those latter attacks, the emails were sent from real Microsoft Outlook and Hotmail addresses, making them more difficult to block. The hackers have also been using multiple Bitcoin wallets to receive funds, again helping them evade anyone investigating them.
SecGuru told Forbes over email there are three main reasons the blackmail attacks have been successful. The first was simple: people often watch porn on their computer and so could easily be convinced a hacker knew what they were doing. Second, it’s certainly feasible to gain access to someone’s webcam to watch them, and it’s happened before. Finally, as the hackers have obtained old victim passwords that were once (or still are) in use, it’s easier to manipulate recipients into believing their computer has been taken over.
The scam email
As per a tweet from SecGuru on July 17, the scammers claim to have hacked their way into unnamed adult video websites. “It is just your bad luck that I came across your bad deeds. Let me tell you, I placed a malware on the adult videos (sex sites) and you visited this website to have fun (you know what I mean).” The scammer also claims to have pilfered all the victims’ contacts from social networks and email accounts, before asking for the payment, or what they called a “privacy fee.”
Anyone receiving such sextortion messages has been advised not to pay. If they’re still using the password provided by the attacker, change them across all sites where it’s in use as soon as possible.
By using Troy Hunt’s HaveIBeenPwned.com website, it’s also possible to find out where emails and passwords have leaked. That should be enough to provide protection from any possible hack carried out by this group or other hackers who’ve obtained login details.
For those who are particularly concerned about being spied on via their webcam, try putting a cover over it when it’s not in use.