There’s a new webcam or sextortion scam going around in the UAE that would terrify you if it ever landed in your inbox.
But authorities advised recipients not to fall to this webcam blackmail.
It starts with an email
These hoax sextortion emails are slightly different depending on who’s being attacked, but they all have a few similar features. The subject line includes a password that the recipient probably has used at some point.
The sender says they have used that password to hack the recipient computer, install malware and record video of you watching pornography through the webcam.
51, 146 electronic extortion cases in 2018, which caused losses of $83 million
They say they will reveal your adult-website habits and send video clips of you to your contacts unless you send them bitcoin, usually worth $1,000 to $1,800 (Dh3,673 to Dh6,611).
This is generally known either as “webcam blackmail” or “sextortion scam” and the email should have been diverted to your spam folder. Millions – perhaps billions – of similar emails have been sent over the years, but there seems to have been a flood of them over the past few months in the UAE and across the world, according to officials at Abu Dhabi Police Cybercrime Department at the General Department of Criminal Investigation.
These low-tech frauds spiked in 2018, according to the FBI’s Internet Crime Compliant Center (IC3), netting millions for scammers.
51,146 cases reported
Last year, electronic extortion complaints rose 242 per cent to 51,146 reported crimes, with total losses of $83 million, FBI has said.
Cybercrime experts say very few people ever make the requested payment. However, since the cost of sending millions of spam emails is basically zero, even a few payments are easy profits.
While there are examples of real sextortion, especially involving the theft of real nude photos or videos, hoax sextortion emails have no basis in reality.
242% rise in electronic extortion complaints handled by FBI’s Internet Crime Compliant Centre in 2018
Scammers claim they have evidence of your affairs, has hacked your webcam to take damning photos or videos of you or has evidence of pornographic material you’ve viewed.
Here’s a sample letter Gulf News readers have received:
I am well aware [*****] is your password. Let’s get right to the point. Not a single person has paid me to investigate you. You may not know me and you are probably wondering why you’re getting this e-mail?
Actually, I installed a software on the adult videos (pornographic material) web-site and do you know what, you visited this website to have fun (you know what I mean). While you were viewing videos, your web browser began working as a Remote Desktop that has a keylogger, which gave me accessibility to your display and also cam. Just after that, my software gathered every one of your contacts from your Messenger, Facebook, as well as email. After that I created a double video. 1st part displays the video you were viewing (you’ve got a nice taste haha), and next part shows the recording of your cam, yeah it’s you.
Email sender “You have not one but two options:”
First is to just ignore this message. In such a case, I am going to send out your actual video to every single one of your personal contacts and think how awkward this will definitely be especially if you happen to be in a loving relationship?
Second option is to pay me $1797. Let’s name it a donation. In this situation, I most certainly will asap remove your video footage. You could carry on daily life like this never occurred and you surely will never hear back again from me.
You’ll make the payment through Bitcoin (If you don’t know this, search how to buy bitcoin in Google search engine).
The sender then gives the bitcoin account address.
How to deal with the hoax emails
Officials of Abu Dhabi Police Cybercrime Department at the General Department of Criminal Investigation advised recipients of these hoax sextortion emails to have a healthy level of skepticism. Then, remember, these scammers almost certainly haven’t been recording you or have access to this type of information, if it even exists.
Compromised passwords have usually been obtained from one of the security breaches that have exposed details of billions of users.
In 2017, Yahoo admitted that its data breaches compromised three billion accounts. Other major breaches involved Marriott International (500 million customers), LinkedIn (164 million), Adobe (153 million), eBay (145 million), Sony’s PlayStation Network (77 million), Uber (57 million) and Ashley Madison (31 million).
The best solution
The best way to deal with hoax sextortion and other spam emails is to delete them on sight. Don’t open them, don’t reply to them, don’t open any documents that may be attached to them, don’t click any links in them, don’t enter any information into websites fetched by those links, and definitely don’t send them any money.
Many of these emails will include a transparent, single-pixel image, known as a beacon. When you open the email, it fetches the tiny image.gif file from a remote server, so the spammers know they’ve hit a live, working email address.
Also bear in mind that spam and phishing emails may include attempts to infect your computer with malware. This is why you should keep your anti-virus software and operating system up to date.