Funds-Back Sheds Light on Extortion Emails
Have you received a menacing email recently? Perhaps the writer claimed that they had your online password, said that they had used it to monitor your online activity, and they had recorded you doing naughty things? Now you have to send them bitcoin, or they’ll tell your employer, your spouse, your mom, and anyone else who you’d rather not know your secret online activities. Funds-Back is an agency that helps people recover from scams, and they see this one a lot. Here’s how it works.
Wait, They Have My Passwords?
Usually, these scammers will claim that they have all of your online passwords, and to prove it, they’ll share one. This personalizes the message and usually creates a sense of urgency. However, if you look closely, you may notice that the password in question is very old. It might be one you used on a site you haven’t visited in years, or it might be the same password you used everywhere before you learned good password security.
How did they get that ancient password? Well, according to Funds-Back, scammers can buy lists of email addresses and passwords on the dark web, gained from hacking various websites. The password in question might be from a very old data breach, probably from a site that wasn’t very secure. This is likely the only password that the scammer has. If you’re still using the password anywhere, you should of course change it immediately.
But Still… They Saw What I Did!
No they didn’t. If you read the email closely, you’ll notice they just use vague, shaming wording to suggest that they know what you’ve been up to, generally hinting that it probably involves watching porn. While many people watch porn, even those who aren’t ashamed about their habits might still not want their boss to know about their sexual activity. But the people who are most likely to be worried by this scam are those who are engaging in very taboo porn consumption, or behavior that is outside the agreed-upon bounds of their committed relationship.
While many people can shrug this scam off because they know they don’t have to be ashamed of their online activity, enough people are worried about having their secrets shared that they will pay the scammer.
Shouldn’t I Pay the Bitcoin, Just to Be Safe?
This sort of scam almost always requests to be paid in bitcoin, usually either a specific amount of BTC, or BTC currently equivalent to a certain dollar amount. They’ll give you the bitcoin address you’re supposed to send it to.
You might wonder, why bitcoin? After all, a lot of people don’t already have bitcoin and don’t know how to use it. Wouldn’t they get more victims if it was quick and easy to send them money?
Bitcoin has become a popular payment method because its pseudonymous nature makes it difficult to recover without the help of experts like Funds-Back.
Funds-Back Says Don’t Believe Them
So what should you do if you get one of these emails? Funds-Back says you can safely delete it and ignore it. Again, if you are still using the password mentioned in the email, make sure you change it. Maybe even take the time to do a quick audit of all of your passwords and determine whether you should replace them with something more secure. But don’t worry. Nobody’s been watching what you do online.