We have recently received reports regarding a new type of sextortion email attempting to blackmail our citizens. Sextortion occurs when someone threatens to distribute private and sensitive material if the victim doesn’t provide them with images of a sexual nature, favors, or money. Threat actors have used sextortion schemes to target citizens in the past, but have recently changed their methods to make their threats more believable.
These emails include a PDF attachment that is a letter addressing the victims by name and includes a photo of the target’s home, usually pulled from Google Maps. The emails, as of now, contain no active malware themselves, but one should always be wary of opening emails and attachments from unknown senders.
The letter claims that malware has been monitoring the victim’s device, secretly observing their screen activity and recording them through the device’s webcam and microphone. The threat actor says they have taken that evidence to develop videos and screenshots of the victim’s web history and webcam footage of private acts. The threat actor threatens to release this evidence unless the victim pays the ransom, typically around $2,000. The ransom letter usually includes a Bitcoin address or a QR code. It is advised to not scan the QR code as it could lead to malicious content. In some cases, the QR code was not active when executed.
The threat actor threatens that if the ransom is not paid within the specified time, the videos will be released to family and friends. We have gotten at least two reports of this being used to target Highlands County citizens, and are confident that there have been more threats made, and they will continue in the future.
If you get a letter/email like this:
• Report the incident: Many of these emails will specifically state to not involve law enforcement, but it is imperative that you alert your local law enforcement of the threats. The senders email address and any Bitcoin or dark web addresses are of particular interest. Please call 863-402-7200, option 1 to speak to dispatch.
• Do Not Engage: Avoid communicating with the threat actor. Do not pay any type of ransom. This can often escalate the situation and encourage further threats.
• Cyber-Hygiene: Use strong passwords, cautiously handle emails from unknown senders, implement multi-factor authentication (MFA), and review your privacy settings on your online accounts.
More information about these types of threats can be found here:
https://www.ic3.gov/Media/Y2023/PSA230605https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
