A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into paying huge fees.
If you were to find yourself on the victim end of a sextortion scam, like the many scams I’ve covered that leveraged data taken in the LinkedIn data breaches as the foundation for establishing credibility with victims, you’d probably want the “problem” to go away as quickly as possible. You’d do anything to make it all disappear, right?
That’s what a new breed of scammers is betting on, who offer “sextortion assistance” services on the web. But what could legitimately be an actual service, according to a new FBI Public Service Announcement released earlier this month, is instead more likely yet another scam.
According to the PSA, many of these services are actually companies using “deceptive tactics—including threats, manipulation, and providing false information—to coerce sextortion victims into paying for their services.” The FBI notes that these companies use “high-pressure or scare tactics in an effort to secure your business” and that sextortion victims should instead always contact law enforcement (despite this being discouraged by the sextortion assistance “providers”).
There’s no indicator of whether these services are part of a larger sextortion scam (that is, the very same cybercriminals who send the sextortion emails could very well also be providing the assistance services), so it’s possible that this is simply a multi-phased scam.
It’s yet another example of why recipients of sextortion emails should simply ignore the emails. If you see any suspicious activity submit a tip to the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov.
Here's how it works:
