According to research conducted by UK cyber crime investigation firm Digital Shadows and reported in The Next Web, cyber criminals have managed to generate around $332,000 in Bitcoin from an email-based blackmail scam. These funds were sent from over 3,100 unique Bitcoin addresses.
The scam was first reported in 2017. However, the popularity of the attack grew throughout 2018, with many more examples of the emails surfacing.
Many Scammers Using Same Tactics to Earn Bitcoin
The “sextortion” scam, as the publication has deemed it, is rather basic in its design. Victims receive an email stating that they have been recorded viewing explicit content online through their webcam. The sender pledges to go public with the footage if a ransom is not paid in Bitcoin.
As mentioned, more than $332,000 was sent to scammers using this technique. These funds were deposited to a total of 92 Bitcoin addresses. Digital Shadows estimate that an average of $540 was extorted from each of the victims.
As you can see from the below Tweet, the attack is ongoing:
I keep getting emails threatening to send videos of me with my todger out to all my contacts unless I send them a shedload of bitcoins. The #Sextortion scammers are really boring
— Tim Trent (@AluciaCharter) February 18, 2019
The report highlights that different groups using the same basic scam operate with different levels of sophistication. Some of the emails sent are poorly written and show scant knowledge of widespread email distribution. These examples often fail to get past an inbox’s spam filter.
Meanwhile, on the other end of the spectrum, some of the “sextortion” emails show a much higher level of refinement. For example, many of these more sophisticated examples were sent from outlook.com addresses.
The research undertaken by Digital Shadows involved the analysis of more than 792,000 emails. These were sent from servers thought to be hosted on five different continents. The locations with the highest numbers of emails sent were Vietnam, Brazil, and India. Scammers originating in these nations are believed to be behind 8.5, 5.3, and 4.7 percent of the total number of “sextortion” attempts respectively. However, it is quite possible that the email servers could have been compromised too as part of the attack.
According to a report in The Independent, “sextortion” scammers are increasingly turning to social media sites to target high net worth individuals. In this variant of the above scam, individuals have been offered as much as $1.1 million to help target the most lucrative marks. This more sophisticated version of the scam involves forming a relationship with a married person and then threatening to reveal it if a ransom in Bitcoin is not paid.
Senior strategy and research analyst at Digital Shadows, Rafael Amado, commented on the use of social media in the “sextortion” scam:
“Using it can help identify a potential victim’s job, likely salary and firms they have worked for. They may also disclose details of family members, marital status and their location. If this is supplemented with breach data such as passwords then it can make an extortion attempt more potent.”
Featured Image from Shutterstock.