Sextortion scams are anything but sexy. These attacks are when a scammer contacts a victim claiming to have captured photo or video footage of their target partaking in some adult debauchery—including on-screen content. They threaten to release the footage to their contacts unless they pay.
Ordinarily, it’s easy enough to ignore these types of attacks, but more recent threats have included the victim’s names and pictures of their homes. Let’s look at what these types of attacks might look like so you can properly address them should they find their way into your inbox.
Dissecting the Sextortion Scam
Sextortion scams operate based on the following assumptions:
- A. Most people access sexually explicit materials and content on the Internet, and
- B. Most people want to keep how they utilize these materials extremely private.
Basically, a hacker will reach out to the target claiming that they have caught the target engaging in adult activities while browsing sexually explicit content. The hacker then demands that the victim pay up. If they don’t, then the target’s contact list gets to see what they do in their personal time.
This type of activity targets a very primal human fear—the fear of being ostracized by their tribe—and if the victim has engaged in that behavior, then the threat could seem credible.
The implications are scary; we’re not denying that. The entire situation could make things extremely awkward and embarrassing for the victim, and it could drive a wedge between them and their loved ones. Just imagine what would happen if their boss, their parents, their friends, their coworkers, or anyone underage on their contact list were to see something of that nature.
Suddenly, paying up to nip that potential issue in the bud is a perfectly reasonable solution… even if it’s not.
The “Proof” is What Matters Here
People are generally more aware of scams these days, but they still don’t really know how to respond effectively.
To counter this fact, scammers have gone to great lengths to make their threats more believable. One way they have done this is through the use of private data. This might include a password that a hacker farmed from a data breach, but lately, they have been using far more sinister methods.
These days, scammers might include pictures of their targets’ homes and make direct references to their addresses in the messaging—and when you receive something like that, it takes the believability of the message to a whole new level.
Addresses Are Just Another Form of Private Data
It’s important to not lose sight of the truth here, though: an address is no different from a password in the context of this scam.
Attackers steal all types of data in data breaches, including usernames, email addresses, and so on. An address is just another one of these variables. It’s easy enough for a scammer to steal an address and type it into a search bar to discover a couple images of the property, perhaps on real estate websites or listings.
Yet despite the ease of this task, people still take the bait, simply because an address and place of residence is such a deeply personal thing.
Young People are Especially at Risk
Sextortion scams have been getting much attention lately, unfortunately due to scams targeting minors.
In some of these situations, these scams have led to fatalities, as the targets did not see a solution to their situations. There was a reported 20% increase in sextortion scams against minors from October 2022 to March 2023 compared to the previous year. It’s likely that the threat surface for these attacks is one cause of this increase.
Considering the various platforms used by minors—cell phones, gaming consoles, tablets, and other connected devices—it should come as no surprise that young people are often the targets of these attacks.
The US Department of Justice is fighting back, though, and in one case has indicted four men from Delaware responsible for allegedly attempting to extort nearly $7 million from their victims around the world. They successfully brought in about $1.9 million through payment applications, enough to ruin more than a few lives in the process. Their charges could potentially land them in prison for 20 years if they’re found guilty.
All of this might have you wondering, though… how do you avoid and deal with a sextortion scam?
How Should You Respond to a Sextortion Scam?
The Better Business Bureau provides the following advice to help avoid falling victim to this kind of scam:
- When speaking to someone online, search their name to see if it’s reported to have been used in a prior scam or if it’s the name of a famous person. Read our tips on romance scams to learn more about safe online dating.
- Never send compromising images of yourself to anyone, no matter who they are—or who they say they are.
- Seek out legal counsel if you fall victim to one of these scams.
- Search the web or BBB Scam Tracker for one or two sentences from the email to confirm it is actually spam. You can access the BBB Scam Tracker here.
- No matter what the email threatens, do not respond and delete the email.
- Do not open attachments or click links in emails from people you do not know. Doing so leaves you vulnerable to identity theft and malware.
- Never send money or buy a gift card, or do anything to comply with the demands in the email.
- Do a security check on your computer and install security software.
- Enable two-factor authentication on your important accounts.
- Change passwords often, and consider getting a password manager to ensure your passwords are strong and unique.
- Cover your webcam when not in use to give you peace of mind.
- Check to see if your email was compromised in a security breach and change passwords as necessary.
The Have I Been Pwned website is a helpful resource for identifying if your email is part of a data breach. If you are targeted, report the scam to the FBI and the BBB.
Remember, security is vital both in business and in your home life. If you feel your business could use a security boost, call us at (281) 916-1101 to learn more.