Where our lives are increasingly intertwined with technology, a disturbing trend has emerged that exploits our deepest fears: sextortion scam emails. Imagine receiving a threatening message from someone claiming to have compromising material about you, demanding a ransom to keep it private. This unsettling scenario is the reality for many who fall victim to sextortion.

You might assume that no one would fall for these scams, but cyber extortion is neither new nor ineffective. When these schemes first appeared in 2018, they quickly got over $50,000 in just one week, and scammers continue to profit from them even today.

What is a sextortion scam?

A sextortion scam is a type of online blackmail where scammers threaten to release private, embarrassing, or sexual content about you unless you pay them money. These criminals often claim to have hacked your computer or phone, and they say they have videos or photos of you in intimate situations. They demand a ransom—usually between $500 and $5,000—so they won’t share this material with your family, friends, or co-workers.

Though this might sound far-fetched, these scams are very common and have been successful at scaring people into paying. Here is how it works:

• Contact from the scammer: The scam usually starts with an unexpected email or message. The scammer claims they’ve hacked into your device and found sexual or embarrassing content, often saying they recorded you through your webcam while you were on adult websites.
• The threat: The scammer threatens to send this material to everyone you know—your family, friends, colleagues—unless you pay them. Payment is almost always demanded in cryptocurrency like Bitcoin, which is hard to trace.
• False claims: In most cases, the scammer hasn’t actually hacked you or found any sensitive material. They rely on fear to make you panic and pay. To seem more believable, they might include old passwords or personal details they’ve found in data breaches.

• Emotional manipulation: The scam works because it plays on your fear of embarrassment. Even if you know there’s no material to leak, the thought of such a thing happening can cause anxiety, which makes some victims more likely to pay.

Scammers use several tactics to make their threats seem credible and to pressure victims into paying. They often include passwords or personal information from past data breaches to falsely claim they’ve hacked your device. They may also use phishing techniques, such as fake links or websites, to trick you into providing more personal details or clicking on harmful content. Additionally, they apply psychological pressure by creating a sense of urgency and fear of public embarrassment, aiming to force a quick response before you have time to think critically about the scam.

Sextortion scams come in several forms, each exploiting different tactics to scare victims into paying money. The most common type is email-based sextortion, where scammers claim to have hacked your webcam or device and threaten to release compromising videos unless you pay them. Social media sextortion involves scammers using social platforms to make threats, either by pretending to have hacked your accounts or by impersonating someone you know, demanding money to avoid sharing fake content. Romance sextortion occurs when scammers, posing as potential partners on dating apps, trick victims into sharing intimate photos or videos, which they later use to blackmail the victim. Revenge sextortion involves blackmail from someone you know, such as a former partner or friend, who uses intimate content to extort money or favors from you.

What to do if you get a sextortion email?

If you receive a sextortion scam email, stay calm and follow these steps recommended by the National Cyber Security Centre:

• It’s important to stay calm and follow security protocols if you receive a sextortion scam email. Do not engage with the scammer.
• Forward the email to report@phishing.gov.uk, which is the National Cyber Security Centre’s Suspicious Email Reporting Service (SERS) and delete the email from your inbox.
• Avoid paying the Bitcoin ransom; doing so may encourage more scams by signaling that you are a willing target.
• If the email includes a password you still use:
  • Change the password immediately.
  • Check if your data has been compromised by visiting Have I Been Pwned.
  • Create stronger passwords and enable additional security measures using resources from Cyber Aware.
• If you have paid the ransom, report the incident to your local police by calling 101.
• For emotional support, contact Victim Support at 0808 168 9111 or visit Victim Support.

Sextortion scam emails are a form of cyber extortion; educate yourself on how to handle them safely.

Featured image credit: Eray Eliaçık/Bing

The No More Ransom project has announced that six years after its establishment, it has assisted more than 1.5 million individuals in successfully decrypting their locked devices and regaining access to their data without paying a ransom.

No More Ransom was launched 6 years ago

No More Ransom was launched in 2016 as a joint effort by the European Cybercrime Centre at Europol, the National High Tech Crime Unit of the Dutch Police, and cybercriminal heavyweights Kaspersky and McAfee. The project’s main objective is to provide victims with free ransomware decryptors.

The No More Ransom project now has more than 180 participants. In addition to straightforward decryption tools, it offers general ransomware information to increase awareness, suggestions for handling ransomware occurrences, and directions for reporting cybercrime in more than 30 countries, including the UK. Before it is too late, you can learn how to choose a cyber security monitoring tool in 2022 by visiting our guide to protecting your own personal data.

“Ransomware is an effective way to get money from victims and remains one of the biggest cyber security concerns. In just the first three months of 2022, more than 74,000 unique users were found to have been exposed to this type of threat – and all of these attacks were successfully detected,” stated a security researcher at Kaspersky, Jornt van der Weil.

“This has led to an increase in the tendency to help these initiatives, and I’m extremely happy that we can assist people and companies in restoring their digital assets without paying the attackers. This way, we hit the criminals where it hurts—their business model—as users are no longer forced to pay to decrypt their data. We will keep on fighting ransomware with our existing and future partners,” he added.

The impact of ransomware is, of course, determined by various sources. Quarterly reports favored by huge cyber security organizations are not always taken at face value because they invariably rely on information gleaned from confidential corporate databases.

The recent statistics show that the risk is not going away

However, many recent publications have claimed that although ransomware is still a real threat, there are some indications that the “market” may be cooling off.

In Europe, there was a tiny year-over-year reduction, with only one in 66 organizations hit, according to statistics released this week by Check Point, which shows that the number of ransomware attacks has climbed and now affects one in 40 organizations weekly globally.

Meanwhile, ransomware no longer dominates the threat landscape, according to Cisco Talos’ Incident Response unit, whose data covering Q2 was recently made public. Instead, commodity malware, which made up 20% of all threats compared to ransomware’s 15%, was the top threat seen in its data between April 1 and June 30. The company’s researchers hypothesized that internal rifts in ransomware gangs and law enforcement takedowns may have contributed to this.

According to SonicWall, which also released a half-yearly threat report this week, June 2022 saw the lowest monthly ransomware volumes globally in two years. This is because ransomware gangs’ lives have become much more difficult due to government sanctions, supply chain issues, plummeting cryptocurrency prices, and a lack of infrastructure.

SonicWall’s data, in contrast to Check Point, recorded a 63 percent increase in ransomware assaults in Europe, indicating a geographical shift in the cybercrime environment is underway, at least partly because of variables related to the situation in Ukraine.

While it is impossible to draw an accurate picture, defenders should be aware that the threat posed by ransomware is not going away. Instead of dealing with it after the fact, the best course of action when dealing with this kind of criminality is to try to avoid it in the first place. That is why initiatives like No More Ransom are vital. We recommend that everyone check out the best cybersecurity practices to stay safe against today’s digital perils.