Cyber criminals are sending victims their own passwords in an attempt to trick them into believing they have been filmed on their computer watching pornography and demanding payment.
An example email might look like this:
The password that they quote in the email is one of your passwords. But it’s quite likely that it’s a password that you used some time ago, and was breached in some historic breach such as the 2012 LinkedIn hack.
There are also variants of the email which rather than quoting your password, actually reference some of the digits of your phone number instead.
"It seems that, +XX XXXXXX1234, is your phone. You may not know me and you are probably wondering why you are getting this e mail, right?
actually, I setup a malware on the adult vids (porno) web-site and guess what, you visited this site to have fun (you know what I mean). While you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and web cam. after that, my software program obtained all of your contacts from your Messenger, FB, as well as email."
How to protect yourself
- If you receive one of these emails, delete it and report it to Action Fraud.
- Don’t be rushed or pressured into making a decision: paying only highlights that you’re vulnerable and that you may be targeted again. The police advise that you do not pay criminals.
- Secure it: Change your password immediately and reset it on any other accounts you’ve used the same one for. Always use a strong and separate password. Whenever possible, enable Two-Factor
- Do not email the fraudsters or make the payment in Bitcoin.
- Always update your anti-virus software and operating systems regularly.
- Cover your webcam when not in use.
You can also find out more information about Sextortion on our advice page here