Scammers are apparently sending more emails again in which they threaten recipients to distribute embarrassing videos of them masturbating. They allegedly infected their victims' devices with spyware. What should you do if you receive such a message?
The marketing agency Into The Minds used the SEO tool Ahrefs to analyze what people in the 27 EU countries are most interested in online from June 2022 to June 2023. News comes first with 363 million searches, closely followed by “adult content” with 351 million searches. This is not surprising, criminals also know this and use the widespread passion for porn for blackmail emails. This has been going on for several years, but cyber gangsters are apparently particularly active again at the moment.
Basically, the emails always tell the same story: Hackers infected the computer or other devices with malware, which gave them control of the camera, among other things. They would have used this to film and photograph their victims while masturbating. If the recipients did not want their family, friends, acquaintances or employers to see the recordings, they would have to send a certain amount in cryptocurrency to the blackmailers.
No evidence, but well done
The blackmailers have no evidence of having such incriminating material. This is the case with the “Have you heard of Pegasus?” campaign. Until now, the cyber gangsters had mainly sent emails in English, but now they are apparently increasingly spreading the message in German.
It contains very few errors and is largely correctly worded, but it is particularly noticeable when translations are too literal, such as “contact book” instead of “address book”. Apparently the blackmailers are using Google Translate. Because if you apply it to the English text, the result corresponds exactly to the sent German text that ntv.de has.
The subject often doesn't immediately show what it's about, but rather uses harmless wording. This is intended to bypass spam filters. Just as often, the email appears to come from the victim addressed; such forgeries are called spoofing.
High probability of hitting
The criminals' calculation is that the threat of the infamous Pegasus spyware will accidentally hit a recipient who visits porn sites. The text impressively illustrates what publication would mean for the lives of those affected. Given that pornography portals are about as popular as news websites, there is a high probability that the blackmailers will often be successful enough to collect a lot of money if they send a large number of emails.
As with other spam, they usually get the email addresses from the dark web, where they can be purchased cheaply in large packages. They come, among other things, from hacks of online portals or from the address books of users whose computers have been infected with malware. This can happen, for example, if you open an attachment in spam emails or follow a link in it.
Blackmail emails are even more frightening if, in addition to the already threatening text, they also contain passwords, addresses, telephone numbers or other personal data actually used by the victim. But as the consumer advice center writes, this information usually comes from the same sources as the email addresses.
How should you react?
If you receive a blackmail email, under no circumstances should you open any attachments or click on any links in the message. And of course you don't respond to the criminals' demands or respond to them. You can simply delete the email or help the authorities identify the masterminds. The chances that the latter will have any effect are small, but it could help, for example, to recognize new variants and, if necessary, to determine the connection between crimes such as Bitcoin addresses, writes the Lower Saxony State Criminal Police Office.
The consumer advice center recommends reporting the blackmail attempt online via the Internet watchdog. This problem appears in the crime statistics and can be seriously pursued by the investigating authorities. The consumer advice center also asks you to send the email to [email protected] to forward. In this way, she can recognize fraudulent scams and warn about them on the phishing radar.
If the email mentions passwords that you still use, you need to change them. The address used by the cyber gangsters can be found on a Hasso Plattner Institute website or at Have I Been Pwned? input. This way you can find out whether it is in a known database on the Darknet.
Prevention is better
Although highly unlikely, there are cases where criminals have actually had the opportunity to film users through their computers' cameras. To prevent this, it is important to use virus protection specifically on Windows PCs. Like the operating system and other software, this should be kept up to date. Programs and apps are only installed from trustworthy sources.
The consumer advice center also recommends a simple but very effective remedy: you should cover the web camera when you don't need it. More elegant are sliding panels that are either integrated into the device or available as inexpensive stick-on solutions.