Sextortionists Falsely Claim, Pose to be the CIA, Demanding Bitcoin Under Threat Of Prosecution
Phishing scams have always plagued the crypto ecosystem. Last year saw the entry of a new breed of cyber-extortionists that seems to be gaining ground, so much so that they were able to steal over $300,000 in Bitcoin (BTC) tokens in 2018.
Not long ago, online extortion typically involved blackmailers sending threatening emails to their victims, promising to leak compromising information.
Other extortionists tried warning victims of an impending cyber attack, such as a denial of service (DoS) attempt if ransom demands were not met. In the early 2010s, ransomware emerged as a viable method of coercion, culminating in the 2017 “WannaCry” attack that crippled business operations in over 100 countries.
Cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.
Specifically, cybercriminals recognize they can monetize elements of our online exposure for extortion-based activity, including exploiting compromised credentials, sensitive documents and intellectual property, and technical vulnerabilities.
Sextortion-based email campaigns seek to extort victims by threatening to publicly embarrass them for engaging in a sexually explicit act. They often claim to have footage of the intended victim watching porn.
A scam in 2018 begun targeting porn viewers in an attempt to blackmail victims and extort $1,900 in Bitcoin. Via malware, the scammers claim to have compromising footage of viewers taken from the would-be victim’s webcam while pornographic videos were playing.
The scam email sent to victims begins by revealing to them their own password — presumably obtained from a company data breach — as “proof” that their computer has been hacked, although it’s unclear whether the footage exists.
This scam has extorted 30 bitcoins because sextortionists impersonated government officials. They tell the victims that the only way out is bribing a government official with bitcoin. The extortionists claim to be things like a “Technical Collections (Management) Officer” (TCO/TCMO) from the CIA.
However, one can protect themselves from this scams very easily, by just not replying to such messages.