Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence Abrams at BleepingComputer.
The attacker claims that these videos will be sent to all of the victim’s contacts unless the victim pays the equivalent of $969 to the attacker’s Bitcoin address. The emails also include a victim’s old password obtained from a past data breach in an attempt to frighten the victim.
Additionally, some of the emails contain links, supposedly leading to sample videos of the victim as proof of the attacker’s claims. These links have been known to install malware, such as ransomware, in past campaigns.
BleepingComputer observes that the Bitcoin address in the email has received eleven transactions, totaling $3,260, since the campaign began early last month. Past sextortion scams of this type have netted attackers more than $50,000 in one week, with no cost and very little effort expended on the part of the attackers. Abrams notes that the extreme profitability of these scams means that they’ll certainly continue in the future. He stresses that the emails are fake, and the attackers are intentionally trying to scare you into acting irrationally.
The best advice to combat this scam is to simply delete the emails without clicking on any links. If you’re still not sold, alert your security administrator and have them take a look. New-school security awareness training can teach your employees to keep their composure in the face of scare tactics.
BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/sextortion-scam-stating-xvideos-was-hacked-to-record-you-through-webcam/