Sextortion Email Scams | Avast

In January, Avast protected users from sextortion campaigns which could have led to over 500,000 events worldwide

Sextortion is an emerging online rip-off that benefits from peoples fear that their most intimate moments will be exposed to the general public. They typically come in the form of e-mails, which are not only unsafe and disturbing but can have major real-world repercussions.
Tragically, sextortion email scams have even led victims to suicide, consisting of a case involving 5 different guys in the UK and one in the United States. These are just a few of these kinds of cases.
In January, Avast protected users from various sextortion campaigns which could have resulted in more than 500,000 occurrences worldwide. The majority of these attacks targeted English-speaking users in the United Kingdom and the United States, though we found projects in other languages as well. The image below shows the prevalence of sextortion attacks worldwide:

Another sample email from a Trojan project (in English).

Weve observed lots of other sextortion frauds in addition to Zoom and Trojan campaigns. Some of them are originally in different languages and the material is instantly equated using a tool like Google Translate.
Weve likewise seen a considerable rise in the volume of sextortion emails sent given that January 11– it seems that assaulters are returning to work after the vacations. Weve seen sextortion attacks mentioning hacked programs, software application, website, or using vulnerabilities in a victims router, OS, or RDP.
How to safeguard yourself from sextortion.
While sextortion is scary, there are easy actions you can take to better safeguard yourself against this kind of attack..
If a “sextortion” email appears in your inbox, stay calm. Do not answer it and do not pay money to the attacker. Nobody will in fact blackmail you; its just spam. Even if you get an email that appears like it was sent from your own account, ignore it..
Next, assailants might supply older leaked passwords to enhance the trustworthiness of their risk. If thats the case, change your passwords and follow password finest practices.
Make use of security items that can protect against sextortion.

A crucial thing to note is that theres no chance to be sure that the opponents claims are real. Extremely often the aggressors behind these dangers are bluffing and there is no real video.
This is a generic example of sextortion e-mails. Opponents frequently prepare spam projects with regard to existing trends and occasions.
Weve tracked a range of different sextortion projects in the last 2 months, however two types stuck out as the most common. One is a series of projects abusing the ubiquity of Zoom throughout lockdowns. The other is a series of campaigns that wrongly declare to have actually installed a Trojan on the possible victims system.
Zoom campaigns
The most common campaign we observed took advantage of increased usage of Zoom during the Covid-19 pandemic. Attackers claim that theyve taken advantage of vital vulnerabilities in the Zoom application, allowing them access to a users device and video camera.
Attackers use social engineering techniques and point out Jeffrey Toobins scandal to get victims to pay up. The remainder of the email is a common extortion e-mail, where attackers use phrases such as “the recorded sexual act”, “access to sensitive details”, and “awful reputation damage” and provide payment as an escape..
A distinguishing characteristic of this kind of project is that emails appear like they are sent out from the users e-mail address to themselves. This is another social engineering strategy, intending to make it look like the aggressor truly does have control of their system. In truth, the “from” address has been damaged and closer analysis exposes the real address of the sender.

Other rip-offs and the rise of new post-holiday variants.

What is sextortion?
Sextortion emails misinform victims into believing the attacker owns a recording of their screen and electronic camera and that recording includes images or videos of the possible victim in sexually specific situations. The attackers utilize this claim of a recording to blackmail the victim into paying the attacker.
How does sextortion work?
The assaulters prey on this fear and use other social engineering techniques– such as restricting the time duration for paying– to produce an impression that the users maker is hacked. They may likewise offer a list of activities that an attacker will take to damage the victim.
Below is one example of a sextortion email. The opponent initially declares to understand the potential victim visiting adult sites– an instant attempt to make the possible victim feel guilt or embarassment. The attacker claims to have total control of the prospective victims system and to have actually utilized that control to take or incorrectly create a sexually specific video of the possible victim, asserting their control in the circumstance. The assailant then states that as part of that control, they can send this compromising video to the potential victims contacts. Lastly, the assailant makes the extortion pitch, informing the potential victim they can “make it disappear” by paying $1,350 in Bitcoin. The opponent adds the social engineering method of time pressure, saying the potential victim only has 48 hours to pay the cash.

Trojan campaigns.
The 2nd widespread campaign makes use of the risk of Trojan malware. The prospective victim receives an email in which the aggressors declare a Trojan was set up on their maker a few months previous. The assailants likewise declare that this “Trojan” recorded all of the potential victims actions with a microphone and webcam and exfiltrated all data from the gadgets, including chats, social media, and contacts. They then use a common extortion circumstance: attackers require a ransom in cryptocurrencies. In the end, aggressors include a note about the fake “timer” that started when the email was gotten, in order to set a ransom due date.
Just like Zoom campaigns, these threats are all fake. There are no undetectable Trojans, absolutely nothing is recorded and opponents do not have your data. The timer included in the email is another social engineering strategy used to push victims into paying.
Below is a sample email from a Trojan project (in Spanish).

Sextortion emails deceive victims into thinking the aggressor owns a recording of their screen and electronic camera and that recording contains images or videos of the possible victim in sexually specific situations. The assaulters use this claim of a recording to blackmail the victim into paying the enemy. The assailant first declares to have understanding of the potential victim checking out adult sites– an immediate attempt to make the prospective victim feel regret or pity. The assaulter claims to have complete control of the possible victims system and to have actually used that control to take or incorrectly develop a sexually specific video of the possible victim, asserting their control in the circumstance. The prospective victim gets an email in which the assailants claim a Trojan was installed on their device a few months previous.