(713) 621-6000
Contact us today!

AltexIT Blog

Altex Business Solutions has been serving the Houston area since 1993, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

Don’t Be Fooled When Scammers Threaten to Spill a Dirty Little Secret

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

The Sextortion Scam
It’s as screwed up as it sounds. A scammer emails you saying that they got access to your passwords, and then started to run amok to see how much trouble they could get you into. They even show you one of your passwords to prove it (the password will likely come from lists found on the dark web from online businesses and services that have been hacked and stolen over the years). Then the scammer admits they’ve been watching what you do on your computer and recording your webcam, and they happened to catch you at a very inopportune time... Well, let’s let the email explain it for us. 

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The reader is then given the address to a Bitcoin wallet, where they are to send the ransom.

The email continues:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This email comes in a few different versions in the wild, but all of them follow the same pattern and end with the same threat… fork over the cash, or everyone will see you in your most private moments.

Is This a Serious Threat?
This is a very real concern for many people, who will be relieved to hear that, no, there is no indication that these threats are for real. The first clue is the fact that the passwords that the email provides are usually a decade old, indicating that they came from some (relatively) ancient database from some long-forgotten hack.

However, in some ways, this is even worse news, because this threat has made a tidy sum of money: as of the 31st of July, the scam had brought in $250,000, as compared to just over $50,000 by the 19th. Clearly, this scam has been plenty effective for the perpetrators, and this won’t deter others from following its example.

Keeping Yourself Safe from an Actual Attack
Granted, this attack is just an unfair wager, but scams like this are more than possible for a criminal who actually means what they say/threaten. As a result, the security lessons we can take away from this particular attack still apply.

The first thing to remember is also the first rule of passwords - change them frequently. Again, this scam has made quite a bit of money based on a total bluff... a bluff that, paid in increments of $1,400, was worth $250,000 and counting. From this, we can infer that quite a few people who received this message had online activities that they wanted to hide, and more critically, that their passwords had remained the same for all those years.

This is an excellent example of why it is so crucial to regularly update your passwords, without repeating them - if an old database is hacked, as happened here, you won’t have to worry if your password is revealed - it won’t be any good anymore.

The second thing to remember? If you aren’t actively using your webcam, keep its lense covered up.

For more best practices to follow, including those that will improve your business’ security, make sure you keep checking back to this blog - and if you want to take more action, reach out to us at (713) 621-6000.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 14 August 2018
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *
    • Please enter the following code in the field below:*

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Cloud Privacy Hackers MediTouch Backup Business Computing Hosted Solutions Malware Microsoft Productivity Google Network Security Business Internet Medisoft Email Disaster Recovery Efficiency Mobile Devices Innovation VoiP Business Continuity Managed IT Services HIPAA Software IT Services Data Miscellaneous MACRA IT Support Windows 10 Hardware Android Workplace Tips Data Backup Outsourced IT Server communications MIPS User Tips Network Upgrade Managed Service Provider Windows Medisoft 21 Computer Browser Communication Security Risk Assessment Cybercrime Smartphone Mobile Device Management Data Recovery Computers ransomware Ransomware Virtualization Cloud Computing Holiday Office Save Money BDR Saving Money Hacking Alert Tech Term Electronic Health Records Business Management Marketing Microsoft Office Internet of Things Chrome Smartphones Social Media Automation Cybersecurity Social Engineering Employer-Employee Relationship Mobile Computing Small Business BYOD Quick Tips MACRA/MIPS Information Technology VPN Passwords Application Collaboration Gadgets Telephone Systems IT Solutions Recovery Remote Monitoring Operating System Mobility Health Managed IT Services Remote Computing Spam Artificial Intelligence Avoiding Downtime Bandwidth How To Two-factor Authentication Law Enforcement Budget Managed IT App Bring Your Own Device Office 365 Money Office Tips WiFi Flexibility HIPAA Security Big Data Gmail Applications Data Security Redundancy Password PQRS Networking User Error Phishing EMR in the Cloud Electronic Medical Records Apple Website Private Cloud Business Intelligence IT Support Data Protection The Internet of Things Router Compliance Data Breach EHR Facebook EHR in the Cloud Data Management Search Google Drive Unified Threat Management Lithium-ion battery History Administration HIPAA Compliant Black Market Blockchain Save Time Identity Theft Phone System Document Management Mouse Wireless Technology Proactive IT Vulnerability Retail Firewall Work/Life Balance Vendor Management Value iPhone Word Going Green Mobile Office Entertainment Wi-Fi Apps HaaS Connectivity Mobile Device Windows 10 IT Consultant Unsupported Software Solid State Drive eWaste OneNote Education Streaming Media Cleaning Smart Tech Settings Public Cloud Touch Type Talk Safety CES Information Update Instant Messaging Encryption Fax Server Memory CMS Antivirus Content Management Data loss Government Biometrics Shadow IT PDF Spam Blocking Business Owner Internet Exlporer Human Resources Network Congestion Medisoft 17 Hard Drives DDoS Humor Best Practice Sports Credit Cards Downtime Outlook Data Storage Colocation Meetings Data storage Content Filtering Access Control Worker Commute Computing Infrastructure YouTube PowerPoint Windows 7 Environment SaaS Infrastructure Robot Analysis Productivity Excel Risk Management Virtual Reality File Sharing Comparison IT Management End of Support Legal Hacker Wireless Paperless Office Servers Workers Training USB IT Plan Physical Security Analytics Customer Relationship Management Uninterrupted Power Supply IoT Millennials Devices Advertising Touchpad Wireless Charging Healthcare Sync Managing Stress Emails Software as a Service Appointment reminders Cost Management Criminal Telephone System Customer Service Workforce Thought Leadership PQRS Eligible Professionals Software Tips ICD -10 code Video Games Windows 8 Wearable Technology Fiber-Optic Machine Learning Virus Current Events Telephony Netflix Electronic Statements Root Cause Analysis Relocation Tech Support IT service Telecommuting Content Filter 2017 MACRA Hybrid Cloud Skype October 1 Scalability Tablet Running Cable Cables HVAC Knowledge Managed Service Google Docs Insurance Online payments Users Notifications Domains Remote Work Storage MediTouch' HBO Leadership Start Menu codes Big Deal Tablets Unified Communications Enterprise Content Management MSP Voice over Internet Protocol Practices BillFlash Screen Mirroring Programming Maintenance Addiction Frequently Asked Questions physician – Mobile Techology How to Theft Password Management Staff Consultant Multi-Factor Security Hosted Computing lytec Cast Files home Altex HIPAA Shortcut People Cache Lytec Tip of the week webinar Professional Services Windows 10s Distributed Denial of Service Cortana NIST Disaster Social Digital Signature Best Available Trending Inventory Productiity Patch Management Automobile time Physician burnout isn ’t fun Keyboard Fraud Wireless Internet Charger Windows Server 2008 Conferencing Tools healthcare regulations Meaningful Use Analyitcs Google Apps Cryptocurrency Social Networking Strategy Lifestyle Scam patients Amazon Wire Windows Media Player Computer Care Ransomware' Audit Monitor Advancing Care Information Safe Mode User Authentication Data Warehousing Value Based Modify Medisoft Upgrade NarrowBand Amazon Web Services Smart Office Samsung Regulations Botnet Computer Fan Reputation IaaS Password Manager Virtual Desktop Claims Accountants Bluetooth Nanotechnology Top Medical Billing Software Systems Billing 2015 Quality Payment Program Chromecast Online Currency Online Shopping EHR Incentive Travel FENG Customers Bloatware Business Mangement Business Technology Automated Specifications Electronic Medical Records EMR Internet exploMicrosoft HealthFusion ’s MediTouch software Twitter Laptop Science SharePoint Evernote Students Medisoft V21 Flash WIndows 7 Lytec 2017 Battery Entrepreneur Recycling Virtual Assistant

      Top Blog

        It was a routine morning in the office that day, recalls Dr. Lanter. He saw patients, the weather wasn’t bad. People in Rockaway were surfing before the storm, which is typical. “I figured it was going to rain, it was going to blow, but it was not going to be that bad. Big storms had come an...
      QR-Code