Scam of the Week – New sextortion scam uses old passwords to con victims out of cash
Sextortion scams are nothing new, but in the latest scam to hit the headlines, victims are being blackmailed with one of their old passwords to pressurise them into paying a ransom.
Victims have reported receiving emails informing them that a Remote Administration Tool (RAT) has been installed on their computer. A RAT is a type of malware program that allows a malicious user to remotely control the system, potentially giving them full access to the victim’s webcam.
The email warns the victim that they’ve been recorded performing a sexual act and that unless they pay a $2000 ransom in Bitcoin, the video will be released to all their contacts.
What differentiates this email from the host of other scams doing the rounds is that the victim’s password is included in the subject line of the email. By using a legitimate password, many recipients are tricked into believing the scam is real and are convinced that the only way to silence their attackers is to pay the ransom.
Image: Sextortion email (Source:
It’s thought that the compromised passwords have been stolen from one of the many data breaches that have taken place over the last few years. Many of the passwords are old and no longer in use; however, some users may still be using the same password and are strongly advised to change it immediately.
How to respond to a sextortion email
1. Don’t panic: The crooks almost certainly won’t have any compromising footage of you; they are simply trying to scare you into making a payment. Millions of these emails are sent out every day in the hope that at least a few people will be tricked into sending money.
2. Don’t make any payment to the criminals: The criminals may promise that any compromising material will be deleted as soon as you pay the ransom, but the likely scenario is that as soon as you make a payment, the blackmailers will come back demanding a higher amount.
3. Scan for malware: If you’re worried that your device may have been compromised, you should use an up-to-date antivirus software solution to run a full system scan. This will give you peace of mind and let you know if any malware has been detected.
4. Check the email address and password on Haveibeenpwned: To check if your email address and password have been compromised in a data breach, you can safely enter the details on the Haveibeenpwned website. The site will check your details against multiple data breach records and inform you if your data has been stolen.
5. Change Passwords: If the sextortion email includes a valid password that you still currently use, you should change the password immediately. A strong password should be between 8 and 15 characters long, a mix of uppercase and lowercase letters, and include numbers or symbols. For extra security, you can create a passphrase, which is a password composed of a sentence or combination of words. The first letter of each word forms the basis of the password, and letters can be substituted with numbers and symbols to make it more difficult to crack.
6. Turn off your Webcam: To protect your privacy, you should make sure that your webcam is always covered and turned off when not in use.
7. Report the Incident: If you are in the unfortunate position of having responded to one of these emails, you should immediately contact your local police and internet service provider to report the crime. It will be dealt with in the strictest confidence and you will not be judged.
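As an added example, not part of the original article and not Have I Been Pwned’s own code, the script below shows how the step-4 password check can be done without ever sending the password itself: the Pwned Passwords range API receives only the first five characters of the password’s SHA-1 hash, and the comparison against the returned suffixes happens locally. The password "Summer2017!" and the response body in `offline_demo` are constructed so the check can be exercised without network access.

```python
import hashlib
import urllib.request

HIBP_RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_sha1(password: str):
    """Uppercase SHA-1 hex digest of the password, split into the 5-char
    prefix that is sent to the API and the 35-char suffix that never
    leaves this machine (the k-anonymity scheme the service uses)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> dict:
    """Turn the 'SUFFIX:COUNT' lines returned for a prefix into a dict."""
    counts = {}
    for line in body.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        suffix, count = line.split(":", 1)
        counts[suffix.upper()] = int(count)
    return counts


def fetch_range(prefix: str) -> str:
    """Live lookup against the range endpoint (needs network access)."""
    req = urllib.request.Request(HIBP_RANGE_URL + prefix,
                                 headers={"User-Agent": "hibp-range-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def breach_count(password: str, fetch=fetch_range) -> int:
    """Times the password appears in known breach data (0 = not seen).
    `fetch` is injectable so the logic can be tested offline."""
    prefix, suffix = split_sha1(password)
    return parse_range_response(fetch(prefix)).get(suffix, 0)


def offline_demo() -> int:
    """Constructed response body standing in for the API: one unrelated
    suffix plus the suffix of the constructed password 'Summer2017!'."""
    _, suffix = split_sha1("Summer2017!")
    constructed_body = ("0123456789ABCDEF0123456789ABCDEF012:1\r\n"
                        f"{suffix}:4312\r\n")
    return breach_count("Summer2017!", fetch=lambda prefix: constructed_body)


if __name__ == "__main__":
    print("Summer2017! seen", offline_demo(), "times in the constructed data")
```

A password that comes back with a non-zero count is already in circulation and should be retired everywhere it is used, not just on the account named in the email.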
Our award winning MetaPhish solution provides a powerful defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.