Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Can an iPhone be Hacked?

author photo

Is the Porn Blackmail Scam Real?

by on April 22, 2020
in Computer Safety & Support, News, Computers and Software, Blog :: 627 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

What would you do if you received an email from someone claiming to have hacked your computer and recorded you via your webcam while you were engaged in watching porn, then threatening to send the video to everyone in your email and social media contact lists if you don’t pay a $260 ransom? Would you pay the ransom? Even if you’ve never viewed porn, what if they made the same threat to reveal the private details of all your emails?

This is exactly the situation some of our readers found themselves in recently, and they contacted us for help on how to proceed.

Here is an example of one the emails [grammatical errors left intact]:

Good Morning my friend. I represent the group of web criminals in Iran. I use this mail address because we think that you will check it. Few times ago my team put the virus on web-site with porn and as far as you clicked on a play button your system started shooting your screen and activating camera to capture you self-abusing. Eventually I mean you understand what compromising evidence Ive earned. Moreover, this software made your device act as dedicated server with plenty of functions like keylogger, parser etc. To sum up, my software picked all data, especially all your contacts from messengers, e-mails, social networks. If you wanna make me silent you must make a transaction of 260 dollars with bitcoin. 1K2auXQEKz7Ro8cRa2xr3bAPV2n6KT5vi1 You must use it as usual credit card number. If you send bitcoins nobody will see your shame. Watch youtube manuals about methods of buing BTC... I can offer you this exchanger: localbitoins.com.  If you have a problem with this, you can search comfortable ATM for bitcoin at coin atm radar. I give you no more than twenty four hours since you read our message to pay. You can complain cops, but they can not find us I use bot network, and of course we live abroad. If you want us to show proofs we will share it to seven mates from your data after that you will be given their contacts. So you will ask them if something strange was received about you. For some questions just reply. Dont be fullish, AmAZinGcRackeR$.

Scary, right? And there have been instances where victims’ computers were hacked, they were filmed in various states of undress (or worse) and then blackmailed that may make this threat seem all too real. But there are several indications that this is nothing more than a phishing scam, hoping to rope in active porn watchers with false threats (an easy demographic to target via mass email given that the world’s largest porn site, Pornhub.com, gets 75 million visitors PER DAY).

First, there is nothing in the email that demonstrates they know anything personally about you: it’s not addressed to you by name and there’s no detail about what site you supposedly visited and when. Nor did they supply a screenshot of the “self-abusing” they allege to have captured. In fact, they are explicitly discouraging you from asking for proof, by threatening to share said “proofs” with your “mates” if you ask. That is completely contrary to how we would expect a real hacker/blackmailer to act – if I wanted to scare the bejesus out of you to get you to pay, the first thing I would do is show you a compromising screen capture to prove that this is very, very real.

Another red flag is that when our readers ran scans using antimalware tools, no malware was detected. Antimalware tools aren’t perfect, but the better ones should have picked up the type of remote administration tool (RAT) described in the email.

Searching the web, there are reports of people receiving similar email scams, going back at least to last fall. The wording of the email varies, including where the scammers claim they’re from, the nature of their threat and the amount of money being demanded. Some people are falling for them, but fortunately not many. I researched a selection of the bitcoin accounts used in these scams and none of the emails had duped more than a handful of victims.

Unfortunately, these scams will likely continue and morph into new threats as the ubiquity of bitcoin makes it easier for scammers to hide behind these accounts and for victims to pay. In fact, while this article was originally written in March of 2018, Sophos security recently released a new study, based on millions of porn blackmail emails that were sent between September 2019 and March 2020, demonstrating this to be the case. During that period, sextortion emails made up 4.23% of all spam observed by Sophos. The study also showed scammers are using new methods for obfuscating email content to evade spam filters, enabling them to collect nearly a half million dollars in payments from victims during the same period. Fortunately, despite some payouts, potential victims seem to be becoming wise to the scam, as only half a percent of the Bitcoin addresses used in the spam messages received any payment, according to Sophos.

So, if you get one of these emails, should you pay the ransom before all your friends find out what you’ve been up to?

The answer is no, don’t be “fullish”.

[EDITOR'S NOTE REGARDING PASSWORD APPEARING IN THE EMAIL SCAM 7/12/18: A number of people have posted in the comments that they received a version of the email which includes a real password they've used in the past. Does this mean that they should be concerned? The answer is No and Yes. No, you shouldn't be concerned that your computer was hacked and you were actually filmed watching porn - it's still a scam. But, yes, you should be concerned that your password has been leaked through a data breach. Security researcher Troy Hunt has uncovered more than 500 million passwords leaked through these breaches. That password in the email was likely one of them. 

If it is still an active password for you, the scam email should be a big wake up call that you need to ensure you are using unique and secure passwords for every one of your accounts. We strongly recommend a password manager like Dashlane or 1Password , which will automatically check your passwords to see if they have been revealed in a breach and help you create unique, secure ones for every site.]

[EDITOR'S NOTE WARNING ABOUT ATTACHMENTS 7/20/18: One reader reported receiving an attachment titled "Invoice" with the porn scam email. If you get an attachment, DO NOT OPEN IT. Email attachments are one of the primary ways hackers use to install malware on your computer, which could turn this fake malware scam into a very real one.]

[EDITOR'S NOTE ABOUT EMAIL SPOOFING 10/19/18: Many readers are commenting that the porn blackmail email appears to be sent from their own email address, causing added concern the hacking claims may be real. But don't be fooled. Email spoofing has been around for a long time and is relatively easy to do. Usually the message headers will reveal the true sending email address. Here's how to tell if an email has been spoofed.]

[EDITOR'S NOTE ABOUT WORK VS PERSONAL EMAILS 1/21/19: A number of people are expressing concern in the comments that the blackmail email is coming to their work email, instead of their personal email (or both). It doesn't matter — an email address is a email address as far as this scam goes. Billions of emails have been leaked over the years, many of those from business-focused services such as Dropbox, LinkedIn and Adobe. If I check to see which of my email addresses have been involved in breaches, my work email has been breached many more times than my personal email.

Originally published 3/12/18. Updated 4/22/2020 with new data from Sophos

[Image credit: Man in a dark room at a computer via BigStockPhoto]



Discussion loading

gravatar

duct tape

From Will on May 25, 2020 :: 2:08 pm

Just put a piece of duct tape over your webcam to remove all doubt smile

Reply

avatar

Not duct tape!

From Josh Kirschner on May 25, 2020 :: 8:57 pm

Duct tape will leave a sticky mess on your computer. A Post It is better!

Reply

gravatar

Confused

From Sally on June 03, 2020 :: 1:01 am

Hello! I received one of these emails back in May and blocked and deleted the emails but I recently got 6 new emails titled “I KNOW EVERYTHING” with one of my old passwords that I changed and I though that the instances were related so I deleted the emails permanently. I was just wondering if anyone has had the same occurrence and could lend me a hand with this situation.

Reply

gravatar

Online Blackmail

From Alisha on July 28, 2020 :: 2:43 am

Both men and women can be victims of online blackmail, either by being coerced into carrying out sexual violence through online. The finest way to stop yourself from winding up as a victim is to be very careful regarding who you befriend with online, particularly if you’re considering sharing anything personal with them.

Reply

avatar

The blackmail scam continues - latest version

From Josh Kirschner on August 10, 2020 :: 3:52 pm

The latest version of this scam I received today. Spoofed to look like it was coming from my own email address. Sadly, bitcoin wallets connected to the wallet below have seen more than $40k in inbound transfers.

—————————-
Re: I will forward the video to your relatives, friends, and co workers

The last time you visited a pornographic website with young teenagers, you downloaded and automatically installed spying software that I created. My program has turned on your cαmera and recorded the act of ur mαsturbatίon and the vίdeo you were watching while mαsturbating. I also got your contact lists, phone numbers, emails, social media contacts. I have the mark.mp4 video file with ur mαsturbatioɳ and a file with all your contacts on my hard drive. If you want me to delete both files and keep your secret, you must seɳd me the Bitcoin pαyʍent. I give you lαst 72 houɼs to trαnsfer the funds.

Amount: 0.085 Bit-Coin (approximately)

Bit-Coin Address Part 1: 1FpQsNhGgLYmXx9S3fA
Bit-Coin Address Part 2: JaR2JCw634zovRj

Important: You must put the two parts together (Bit-Coin Address Part 1+Bit-Coin Address Part 2) with no spaces between them. You may also save that somewhere not to lose the details.

Next time you cover your cameras, somebody may watch it! Limit yourself to one time per month if you can`t go completely NoFap.

Reply

gravatar

Helppp

From Sakshi on August 12, 2020 :: 4:04 pm

Hi, yesterday my dad recieved such an email, and i am terrified. But after reading this page, i did feel a little bit better. His email had a similar message, but it also included one of his password from a few not so important, rarely used websites, for eg. random newsletter subscriptions, etc. Now I know for a fact that he does not watch porn, all of his apps, devices etc is secure, like literally even the light entering his device has to ask permission. But I sometimes do watch porn, on incognito or using free unsecured VPN. But there is literally no connection between my dad recieving this email and me watching stuff on my phone because i use VPN or incognito mode, none of his accounts are signed in in my phone, we don’t use the same wifi cause of different data packs. So if the hacker even recorded me, how does he digitally know that we are connected/related? Please help! This didn’t happen because of me right?? I am about to me exposed to my dad😱😵

Reply

avatar

Nothing to worry about

From Josh Kirschner on August 12, 2020 :: 5:28 pm

I believe I covered this pretty clearly in the article. It’s a scam. They didn’t record you. Ignore it.

Reply

Read More Comments: 1 2 3 4 5 6 7 8 9 10 11 12 13

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose