Shame and fear have been used as formidable weapons by scammers looking to extort money off their victims. In reality, the majority of scammer threats have lacked basis if past reports is anything to go by.
What is Sextortion?
Years ago, a new tactic called sextortion has been adopted by criminals. The new techniques targets unsuspecting internet users using their email. Sextortion emails have made large illegal blackmail campaigns easier. As many victims continue to pay up, this crime has drastically risen in popularity.
Experts reported that the number of sextortion emails sent to users has risen. Threat actors send emails to unsuspecting victims, claiming to have gained access their webcam. The victim is then threatened with the exposure of pornographic content captured from their webcam. Although this sounds ridiculous, some fall for it.
Thinking that by doing so their 'sensitive' information will remain a secret, victims pay the threat actors using crypto. It is known that criminals attach crypto wallet addresses to such emails. These are the payment channels used by criminals to receive fund from their victims.
Some Basic Concepts
Research found that the figures in this industry are not small. It was revealed, that between late 2019 and early 2020 cybercriminals earned over half a million U.S. Dollars. All this in cryptocurrency transactions.
The way the scam works is pretty simple. A threat actor emails a victim making absurd claims. Typically the threat actors claim that they have access to pornographic content containing the victim. Despite the claim sounding crazy, many fall for it as they are convinced that they have been recorded after visiting a bad porn site. The victims are then extorted and end up paying up to $800 USD in bitcoin.
Experts claim that intimidation campaigns are a tool used by many low-level online scammers. This aspect comes to light with the fact that such scams to not require any technical skills. Anyone with basic communication skills can intimidate people to extort money out of them.
On one end, experts claim that since sextortion does not require any hacking skills anyone can fall victim to it. Despite this, some experts argue that there are some things you can do to protect yourself from such attacks. After major data leaks or breaches occur, data gathered is often sold on the dark-net. As it turns our, most of these cyber-criminals find their victims on the dark-net.
Experts suggest that adherence to certain practices in order to protect your privacy can help prevent such attacks. Some good practices include using a different password on every site and using sites such as HaveIBeenPawned.com to check for any breach. Google also offers a similar service for passwords called Password Checkup.
How Lucrative is Sextortion?
In 2020, Forbes published an article on a group running large scale sextortion campaigns. They claimed that the single group has been making upwards of $100,000 USD every month. All this through the elaborate blackmailing scheme that targets innocent internet users.
The fact that such scammers have been paid using crypto has helped them get away with their crimes. With new methods developed by government to track cryptocurrencies such as bitcoin and monero, it will become harder. Researchers have now established a starting point for their investigations and are hoping to locate more groups performing such scams.
One such cybersecurity company, Sophos Labs released a study on the topic. The firm tried to find out just how lucrative and widespread the sextortion industry is. After the researchers traced and followed the transactions a lot has been revealed. One particular campaign and the criminals behind it have been revealed.
According to researchers, the campaigns were not sophisticated at all. It was noted that the only thing protecting such scammers was the dark-web and cryptocurrencies.
Researchers also found that sextortion messages did not end up in the junk mail. As it turns our the techniques used by these scammers allowed the majority of emails to bypass any spam filters. Nonetheles, out of all the targets not many end up paying or even reading the message.
It was revealed that despite the low success rate, the scammer group managed to make a good profit. In a period of five months, a total of 50.98 Bitcoins have been sent to their wallets.
The researchers acknowledged that ransomware campaigns are the single most lucrative technique used by threat actors. It is not uncommon to see people making their living this way. Considering the low skill-set required to conduct such scams, and with the tools being widely available, it comes as no surprise.
Over the past few years cyber-crime rates have skyrocketed. The dark-net plays a huge role in this and this is just another example. The power of such tools allows anyone to easily conduct crime with barely any trace. Nonetheless the government is always adapting and finding new methods to track such criminals. And with the low skill-set that most such criminals rock, it is only a matter of time until they get caught.