Skip to Main Content

Sextortion hackers use 'friend's naked girlfriend' lure

A novel attempt to convince people to open malicious email attachments is spreading online, purporting to offer nude photos of a friend's girlfriend.


Instead of threatening to distribute stolen private images, this new attempt claims to have already "sextorted" the recipient's friend, who refused to pay.

It tells them it is now emailing nude photos to every contact of the supposed victim - and to check the attachment.

Researchers said the "new take on sextortion is quite remarkable".

Recipients who click on the attachment open a Word document with a blurred image that hints at possibly sexual content - and instructions on how to "enable content". nDoing so downloads a malicious application.

Usually, hackers who prey on people using sexual images claim to have gathered them by secretly accessing a webcam or the user's saved images.

They demand payment, threatening to spread the compromising images to friends and family.

"We have found images of his naked girlfriend and demanded $500 for them," the email reads.

"Regrettably, he has not paid... you will find these pix attached to this message."

IBM X-Force Threat Intelligence said: "If people do not identify as the victim, they may act much more careless, especially those curious to find out who was actually targeted,"

The attack works by encouraging users to ignore the security warning from Microsoft Office applications and click the "enable content" button.

If a user does click the "enable content" button, a piece of malware known as Racoon is downloaded and attempts to steal large amounts of data from dozens of apps, including web browsers and email clients.

This attack was, the IBM researchers said, similar to an earlier one that asked users to enable permissions to sign a digital document.

Another new version of the same attack claims the recipient is being sued in court and must reply in a limited amount of time.