In the first nine months of the year, the rising Bitcoin (BTC) prices made attackers dust out sextortion emails. Symantec traced wallets and addresses, estimating that the scam raised around 12.8 BTC.
Bomb Treats and Explicit Information Frighten Users into Paying
Sextortion emails usually claim to have hacked a user’s camera, then require a BTC payment. The scheme is less critical in comparison to ransomware threats, which were more active in the past years.
Talha Obaid, an Expert on Email security at Symantec commented,
The sextortion scam is gaining popularity and it’s a typical case where someone hacks into your webcam, records intimate acts and threatens to send the recordings to everyone in your contact list unless you pay them several hundred dollars in Bitcoins
Emails sometimes targeted specific regions, though the emails were a mass affair, being sent out through botnets.
Second part of a disturbing #sextortion email from 184.108.40.206, targeting Italian people.
The scammer accuses you of being a pedophile and threaten you to publish the recorded proofs, what a nice person.
BTC used: 37BMtoLDud7URB2bkYrP1gMrDdpeHuRpyFhttps://t.co/pMpoLTls2R pic.twitter.com/ycUFkal4W9
— dave (@dave_daves) September 10, 2019
Sextortionists Made Away with Around $1.2 Million
Symantec has intercepted as much as 300 million attack emails. The trend is part of the increasing number of scams spreading by email or social media, as BTC is once again seen as a valuable asset. The scams started off slowly months ago, but the effect of constantly bombarding inboxes materialized in late 2019.
Out of thousands of emails, the wallets of the scam builders collected 243 payments. But Symantec estimates this is a good return for the mass generated emails that had no targeting. The text of the email, however, manages to convince enough people that they were specifically attacked. A variation of the email involves a message that a bomb has been planted in the building where the receiver works.
🚔 A payment of 0.105 BTC (1,046 USD) has been made to a known Sextortion Scam!
— Whale Alert (@whale_alert) September 11, 2019
The scammers ended up emptying out most of the closely watched wallets. It is still possible to use BTC in a more anonymous manner, though there are very few coin mixers remaining.
Illegal activity related to the BTC network only complicates the recent drive for transparency. Each address in connection to sextortion schemes or other illegal activities is potentially tainted. This is one possible reason for the occasional dust attacks, which create confusing connections between wallets and make it more difficult to estimate the origin of BTC funds.
Symantec advises users to set up stronger passwords and never to repeat a password. Using throwaway emails, or being careful with links and registrations is also a good practice.
What do you think about the BTC sextortion scam? Share your thoughts in the comments section below!
Images via Shutterstock, Twitter @Dave_dave @whale_alert