Web porn extortion attempt misfires
CTV says that people who visit porn sites are being targeted by extortionists, but that’s not entirely true. I’ve received such messages in the past and see in my spam filter than I got one four days ago, and another four days before that.
I don’t visit porn sites, but these scammers did know my LinkedIn password, which I have since changed.
They also claim to have cam video of my porn visits (I don’t have a cam) and will only delete the file if I pay $1128 in bitcoin, otherwise they’ll send the video to all my contacts.
Really quite clever to be using stolen LinkedIn passwords for this, as the gullible might well be scared by the thought of job prospects being ruined by such revelations. I wonder why $1128, though.
EmilyG 14:19 on 2020-04-18 Permalink
Maybe $1128 in bitcoin is a specific amount in some other, more ordinary kind of currency, or it was at the time the scammers set the price? I don’t know much about bitcoin, but it seems to often be subject to drastic changes in value.
Just my wild-ass guess.
Kate 14:41 on 2020-04-18 Permalink
Yes. It could be one [tenth of one] bitcoin (see below).
mare 15:01 on 2020-04-18 Permalink
I got two really good looking “Interac payment from the Government of Canada” message the other day.
(First giveaway: $399 instead of $2000; why so modest?)
The message had a link (2nd giveaway: a bit.ly link) that led to a very convincing copy of the Interac acceptance website where I could choose my bank, and when I did I got a very convincing login page where I had to enter my account number and password. The next page was a “update your secret questions and answers” page with three dropdowns of the actual questions my bank asks.
Then a third giveaway: tacked beneath it was a expiry date and CCV code field. Just plain text fields, no checks for right format.
Then a “Deposit” button that led to an error page and then was redirected to the real Interac.ca website.
Anyway, the whole thing was the best fishing attack I have ever seen, and will certainly have been effective to fool some people, whose bank account would be a whole lot emptier a few minutes later.
And be forewarned: if people get to your bank account and send Interac transfers that money is very hard to get back. And not insured.
First giveaway: a bitly link.
Dhomas 16:09 on 2020-04-18 Permalink
1 Bitcoin is closer to $10k, so maybe it was 0.1 Bitcoin they were looking for. A good practice is to periodically check this website to see if any of your passwords have been compromised: https://haveibeenpwned.com/
Kate 16:47 on 2020-04-18 Permalink
Thanks for the math correction, Dhomas, I’ve made a correction above.
I’m not too pwned. LinkedIn was the only relatively major one that affected me.
Dhomas 18:58 on 2020-04-18 Permalink
It doesn’t really matter if it’s a major site or not. What’s more important is if your username/password is reused elsewhere. If you use the same password everywhere, a compromised site can reveal your password to everything else.
Max 19:06 on 2020-04-18 Permalink
First thing I do when I receive a fishy email is to inspect the full ‘from’ address. As far as I know, there’s no way to spoof the domain in the sender’s address (short of hacking into that web site). If you don’t recognize the sender’s domain, don’t click any links or open any attachments. Period.
Douglas 21:08 on 2020-04-18 Permalink
I had the scam phone call from revenue quebec saying they caught my fraud and will arrest me soon unless I spoke to them.
I spoke to the guy and cursed him out until he hung up. Never got a call again.
That stuff must work though, against unsuspecting people.
Kate 21:14 on 2020-04-18 Permalink
Dhomas, I take your point, but I don’t reuse passwords and the other things that turned up on my “pwned” list were things I could hardly remember even creating a login for. However, maybe I should clean house on that.
Max, that’s good basic advice.
Douglas, scamming works best on people who are a little off-balance and nervous about something. Like the robocalls in Mandarin trying to scam people whose immigration applications are under consideration. Or the tax robocalls like the one you got (and most of us have received at one time or another) – lots of folks have irregular tax filing habits, and might be caught at a weak or worried moment. Or like these porn habit blackmail emails.
walkerp 23:03 on 2020-04-18 Permalink
How is looking at porn worth a blackmail threat in this day and age? I mean it’s practically mainstream at this point.
Kate 23:30 on 2020-04-18 Permalink
I think the implicit threat is that they will log in as you to LinkedIn and upload video of you enjoying porno. The people who’d see it are work colleagues and potential employers. I’ve no idea whether anyone has ever actually posted any such video, and I suppose LinkedIn would remove anything sleazy (although I have no idea how responsive they are).
Occurs to me the scammers are probably pretty canny, since with so many people working from home, chances are people are indulging a bit more than usual…
Mark Côté 09:41 on 2020-04-19 Permalink
This scam has been going on for a little white, at least since 2018. And yeah, it has nothing to do with porn sites; the scammers just blast emails out containing leaked passwords hoping that people reuse them and get worried. If you do reuse passwords and visit porn sites then yeah I could imagine this being quite scary.
NB interestingly traffic to porn sites hasn’t really risen during the pandemic according to The Economist.
Chris 14:08 on 2020-04-19 Permalink
Mark, that Economist article is paywalled, so I can’t check it, but according to Pornhub, traffic is up:
https://www.pornhub.com/insights/coronavirus-update-april-14
Mark Côté 20:51 on 2020-04-19 Permalink
Ah sorry, didn’t realize that wasn’t part of their free covid-related articles. They cite CloudFlare as a source, who report a modest increase in porn traffic of about 20%. Not much compared with, say, the 125% increase in traffic to arts and crafts sites and the 250% increase to kids sites.
Also according to that article from PornHub their biggest increase was the day they made premium accounts free, which presumably not all porn sites did.