Bitcoin Blackmail Ransom scam

So I recently received a blackmail email. The subject was one of my passwords. A weak password that I used often when I had to create a log in for useless websites.

The email goes like this:

*************************************************************************

Transfer $1000 in btc to the underneath address:
DDDDDDD*DDDDDDD

Copy and paste it, and remove * from it. .
You might be thinking why the heck would you do that?
Very well, put together yourself because I am going to shake your world right now. I had a serious adware infect your own laptop and record video clip of YOU (using your cam) whilst you looked at 'adult' sites. Here is one of your pass word XXXXXX
Nonetheless don't believe me? Respond 7 and I will be randomly share your video with the people you're friends with (Yes, I have got access to your contact list also). Currently, what do I want to make this entire thing go away? Very well, I have already described the actual deal in beginning of the e-mail. If you dont fulfill it within 24 hrs, I am going to create your life horrible by mailing that video to Everybody you know. Your time starts now. 

*************************************************************************
I don't usually give even a tiny attention to spams and email scams. Most of these emails scams are "kind". They would offer you a million, but before you receive your million you just need to send them 1000$ as a processing fee. But the above email, a blackmail/ransom or a sextortion is different. If you go through bitcoinabuse.com you can find several similar reports. People fall for this easy scam.

First, the scammers purchase leaked passwords from the darkweb and use them to scare people. You can check whether a password associated with you is leaked, by checking all your email addresses from haveibeenpwned.com. If one of your online accounts is compromised, it will show against the email address.

Now, why this email is scary:

1. It came directly to my inbox, skipping the spam folders. That gave a bit legitimacy until I searched the Internet to find that this is not a targeted attack. Rather, a silly novice scam.

2. I usually used that weak password with made-up/temporary emails. So my initial concern was, how did they find my primary Gmail account. My current guess is, mistakenly, I must have used my Gmail to create at least one such online account with that weak password.

However, I could also easily dismiss the email easily:

1. My cam is covered. So I don't think they can capture my video (unless in a rare occasion I forgot to cover it while browsing my favorite 'adult' sites. :P

2. I don't think they would spend an effort on infecting my Linux laptop with "a serious adware."

3. By digging the spam folder, I found a near identical email from another sender a few days ago. So now I should send 1000$ to both of them? :P

How to combat such exortions:

First, this scam is a novice one. That means, all they have is a password. But it could be more dangerous.

1. Avoid reusing the passwords. So when they use a password against you, at least you know which account is that.

2. If they have a video of you, most likely you are worried they may have captured your video in a partial or full nudity or in a compromised/sexual pose. 'Adult' sites are not illegal in most countries, but revenge porn is! So if they capture your video somehow and leak it, you are the victim. No shame in being a victim. 

 

I disliked Papanasam movie where a family has to kill a dude because he was blackmailing the daughter with a revenge porn. Same with Sex Tape movie - but to a lesser extent, a consensual sexual video that was leaked unintentionally and the lengths the couple had to go to remove the video. Murders and suicides are not the answer for such crimes. Rather, we should remove the stigma against nudity so that such sextortions won't repeat.

Fixing the society is not easy. But we can try to be more caring to the victims that we know - among family and friends. If your child is caught in such a bad situation, be supportive and help them recover. Seek help from the police, if the scam goes beyond such a naive email (that is, if they "really" have a video, and not just a generic email with a scare tactic).

3. Never reply, positively or negatively. Definitely don't pay them any money. Even if they have your video, why do you think they will delete it after you sending them the money? In fact, giving them money will make you come back to you asking for more. Report the scam email to your email provider as a "phishing attack" and therefore future emails from the sender will be moved to spam. You can save other victims by doing this.

By ignoring their email, they will forget you and move on to an easier victim. If you reply, you stand out. You don't want to irritate a scammer with too much time in hand. The scammer may actually try to send an adware if you mess with them too much. Unlikely unless you click a link in their emails, but better don't waste your time with the scammer.

4. Finally, be careful with to whom you send your photos/videos and where you store them online. While this particular sextortion was a weak one, we don't want a real attack to happen.

Stay safe online!