Tom Evslin: An attempted internet extortion
Posted by Jack Goode / July 31st, 2018
Editor’s note: This commentary is by Tom Evslin, an entrepreneur, author and former Douglas administration official. This post first appeared on his blog, Fractals of Change.
My wife Mary received the threatening email below:
I do know, xxxxx [redacted. a throwaway password Mary once used on sites that shouldn’t require a password] , is your pass word [sic] . You may not know me and you’re most likely thinking why you are getting this e-mail, correct?
Well, I setup a malware on the adult video clips (adult porn) web site and guess what, you visited this web site to experience fun (you know what I mean). While you were watching videos, your web browser initiated working as a RDP (Remote control Desktop) with a key logger which provided me access to your display and also web camera. Right after that, my software gathered all your contacts from your Messenger, Facebook, and email.
What did I do?
I created a double-screen video. First part shows the video you were viewing (you have a good taste rofl), and second part shows the recording of your web cam.
What should you do?
Well, in my opinion, $2900 is a fair price tag for our little secret. You will make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).
BTC Address: 1HNcrm3pBwD299it5SfcerzrFqVKzy2cBz
(It is cAsE sensitive, so copy and paste it)
You now have one day in order to make the payment. (I’ve a specific pixel within this e mail, and at this moment I know that you have read this e mail). If I don’t get the BitCoins [sic] , I will, no doubt send your video to all of your contacts including members of your family, coworkers, and so on. Having said that, if I do get paid, I will destroy the video immediately [sic] . If you really want evidence, reply with “Yes!” and I will certainly send out your video to your 5 friends. It is a non-negotiable offer, thus please don’t waste my time and yours by responding to this message.
Even if Mary were in the habit of browsing porn sites and was desperately afraid of being found out, we would not have coughed up the bitcoin both because giving in to this extortion would have led to nothing but further demands and because this would-be extortionist pretty clearly is blowing smoke.
If he or she really knew Mary was watching porn, he or she would have given the name of the site as proof. If she or he had access to Mary’s contacts, she or he would have listed one or two. Mary doesn’t use Messenger, so the claim to have her Messenger contacts is spurious. Facebook contacts are stored on Facebook and not user computers. Key loggers (malware which records all your keystrokes and can be used to steal passwords) don’t have access to either the display or the camera, although the threat of a two-way video is probably what makes this extortion frightening enough to work for some people, especially male people. The email does not appear to contain a tracking pixel to tell the sender when it has been read, although, just to be sure, I’m working with only a copy of the text.
What does give this a hint of authenticity is that the password I redacted in the first paragraph is one that Mary has used. My suspicion is that the would-be extortionist has hacked some site to get passwords or just purchased a trove of them on the dark web.
If you are afraid you are vulnerable to a hack like the one the sender claims to have perpetrated, there are a few steps you can take to protect yourself:
• Install antivirus software if you don’t already have it.
• Use your browser in Private mode when visiting any website which is unknown to you or faintly suspicious. Private mode prevents websites from leaving behind cookies. On Firefox you get a private window by selecting “New Private Window” on the File menu BEFORE going to a suspect website. On Google Chrome, select “New Incognito Window.” On Microsoft Edge, select “New InPrivate Window.”
• Unless you know a website well, never allow it to download anything to your computer. All mainstream browsers block downloads unless you give specific permission for them in a dialog box. Porn sites offer downloads to prevent tracking; this software is likely to be malware.
• Change passwords often.
• Don’t pay blackmail! There’s no reason to trust the blackmailer, and you both confirm your guilt by paying and open yourself to further demands.
Googling has now shown that this email has been sent to many people around the country in the last few days. There is at least one other recipient in Stowe.
I’ve emailed a copy of the letter to the Vermont Attorney General’s Office. Their website says they want to know about scams to alert other people. I don’t know if they have a way to try to find the scammer.