Blackmail Scam

Published: Posted on

We have been getting quite a few calls recently about messages trying to blackmail people.  They allege that the recipient has been viewing pornographic sites, malware has been installed on the recipient’s computer and they have compromising recordings of the recipient that will be sent to friends and colleagues.

For example:

Example of blackmain scam

To make the message look more authentic and try to make people believe that their system has been compromised an old password that the recipient has used is provided.  These passwords are old passwords from compromised websites.  These passwords have been published so are available publicly.  The fact that the message has an old password in it does not indicate that your University account has been compromised.

The video they claim to have does not exist and in nearly all cases could not possibly exist.

These messages are sent in a widespread untargeted way.  Our advice is to delete them.  If you feel that they should be reported, please report them to Action Fraud.

We have not yet seen any examples of messages which include a current University password.  However, in some cases people are using the passwords on other sites (eg Amazon, Currys, LinnkedIN).  If you receive a message with a password in that you are currently using anywhere you should change the password at those sites; it is also advisable to change passwords anywhere you may be using a similar password.

A more detailed description of the scam is available here

Author: Chris Bayliss

IT Security Manager.

1 thought on “Blackmail Scam”

  1. Hi Chris
    Following my conversation with IT Support this morning, I’ve pasted below the e-mail discussed with Adrian. The content is almost identical to the specimen above so I guess it’s by the same author.

    hello, my prey.

    I write you because I put a trojan on the web page with porn which you have viewed.
    My virus grabbed all your private data and turned on your web cam which recorded the act of your wank. Just after that the trojan saved your contact list.
    I will erase the compromising video records and data if you send me 300 EURO in bitcoin. This is address for payment : 1BG7Tq9N5L8PptCDUrH1u9Uv6hUZZKNVFG

    I give you 30 hours after you view my report for making the payment.
    As soon as you open the message I’ll see it right away.
    It is not necessary to tell me that you have sent money to me. This wallet address is connected to you, my system will delete everything automatically after transfer confirmation.
    If you need 50 hours just Open the calculator on your desktop and press +++
    If you don’t pay, I’ll send dirt to all your contacts.
    Let me remind you-I see what you’re doing!
    You can visit the police office but nobody can’t help you.
    If you attempt to deceive me , I’ll see it immediately!
    I don’t live in your country. So anybody can’t track my whereabouts even for 9 months.
    Goodbye. Don’t forget about the shame and to ignore, Your life can be destroyed.

Leave a Reply

Your email address will not be published. Required fields are marked *