What should you know about the Bitcoin Email Extortion Scam?

Published by Julian
on July 23rd, 2018

Here’s the threat delivered to your email: They've infected your system with remote computer control malware. Pay a ransom in bitcoin or they’ll release evidence of you watching adult material. They show your password, or part of it, to prove their case.

Is this threat credible? No, it’s a scam. The bad guys got your information from a breach and are using it to shake you down. The evidence is manyfold:

It’s an untargeted, mass email scam

The scammers are not targeting specific individuals. Your inbox is one of thousands in a database. They’re only hoping to capitalize on panic and embarrassment to force some small number of people to pay the ransom. Their goal is making fast cash from the volume of people who give in, they’re not interested in running high effort blackmail. We know this because the content of the email is nearly identical in many, many reports.

Not only is there no concrete proof offered, the scammers actively dissuade the would-be victim from looking for evidence. There’s no mention of which adult website you had visited. Your full name often does not appear in the email. There are no images or videos of you attached or linked to.

No malware detected

The emails also claim to have installed malware through which they gathered this incriminating material - yet, malware scans reveal no threats. True, malware scanners vary in accuracy when it comes to more subtle infections. Software capable of remotely accessing your system is not one of those.

Nothing new under the sun

The history of this threat is also a clue to it being a scam. These reports have been floating around since the end of 2017. The nature of their threat, the amount of money they’re demanding and the method of ‘evidence’ collection has changed but it is essentially the same scam. A stranger threatens to reveal embarrassing information about you and will remain silent in exchange for a ransom.

So, what should you do?

You should not pay this ransom, but you should definitely see this as a big wake up call about your data security. This data was pulled from one of the many data breaches that’ve been popping up in the last several years. That means that your email and password has been compromised.

Next, act:

  • Whichever password appeared in the email: change it, everywhere and never use it again. You can check if your password has ever appeared in a breach. If it has, never use it again.

  • Adhere to good password practices when creating new passwords.

  • Run a malware scan on your system - (Malware Bytes)

  • Consider cloud-based password vaults like 1Password or LastPass.

    • If you only have to remember 1 master Password, you can make it as secure and strong as possible

  • Create long and high-strength passwords by forming a memorable phrase, then adding capitalization and punctuation.

    • It would take a computer running a brute force password cracker approximately 2 Sexdecillion years to crack "Iwaswanderingthroughthetulips1day!" -  that's a 2 followed by 96 zeros.

Concerned about keeping your website more secure? Learn about our on-going website maintenance services.

What should you know about the Bitcoin Email Extortion Scam?

Reports have been flowing in of a new email threat: pay a ransom in bitcoin or have embarrassing webcam footage of you sent to your contact list. Learn what to do when this phishing scam lands in your inbox.

Work with Xeno Media

We know you'll judge us by the company we keep. That's just the way we like it. We would love to hear from you. If you would like to discuss your project, please call us at 630.599.1550 or fill out our Contact Form.

Contact Us

18W100 22nd Street
Suite 128
Oakbrook Terrace, IL 60181
630.599.1550 View Map

Signup for our Newsletter!