BtCIRT has been reported of porn scam emails which purports to come from a hacker claiming to have video and image footage of the victim watching pornography. Victims are then threatened that the scammer will send the alleged video or images to their personal contacts unless they pay a ransom of $5306 in bitcoin payment.
They claim to have managed to hijack the victim’s browser while the victim visited an adult site and used it as an RDP server to install a keylogger, using which they got access to the victim’s contacts from Facebook, Messenger and email account and also captured the
To make it more convincing and credible, the email contains some personal information such as passwords. However this doesn’t mean your account has been compromised, they simply copy such data from the major data leak databases which are available on the dark web. If you are still using the breached password then it’s time that you change it immediately. Don’t forget to use a very strong password.
With more people working from home and using their phone, computer or tablet, the online fraudsters are taking advantage of the situation. The scammers send thousands of such messages each day. While many recipients might just delete and discard such emails, some fall victim and transfer the amount out of fear, making it a very lucrative means of earning.
The BtCIRT would therefore like to advise all users to adhere to the following guidelines and recommendations with regards to porn scam emails:
-
Always use the latest versions of software, particularly your web browser and use antivirus.
-
If you receive such email, do not click on links or any attachments within. Many times those links or attachments lead you to a fake website designed to trick you into giving away your personal information or you may download malware to your computer or mobile device.
-
Never ever respond or transfer the ransom to the attackers.
-
Never send compromising images/videos of yourself to anyone, no matter who they are, or who they say they are.
-
Enable two-factor authentication on your important accounts.
-
Change your exposed passwords, you probably have already had it changed, since they are using old passwords that were exposed. Here on, change them often and consider getting a password manager to ensure your passwords are strong and unique. Avoid using commonly used passwords like ‘passw0rd’, ‘P@ssword123’, ‘12345’, etc, or changing them superficially like “thimphu” to “thimphu123”.
-
Always keep your webcams covered when you are not using them.
- Mark the email as spam and report to cirt@btcirt.bt, this would help us analyse and disseminate timely information to others who might fall victim. For more details on being safe online , visit our Advisory
- Be extra vigilant while visiting illegal sites as many of them have malware embedded in links, videos or images, which may lead to your device being compromised.