- Sextortion scams evolve with personalized tactics and heightened intimidation.
- Threat actors exploit invoicing platforms to bypass email security filters.
- Robust email filters and training help counter sextortion threats effectively.
Sextortion scams are becoming more complex and personal as the scams now frequently target individuals across different sectors with greater precision creating a sense of immediate threat.
Cofense Phish Defense Center (PDC) recently observed a notable evolution in sextortion scams, which unlike earlier versions, which relied primarily on generic scare tactics, now use more sophisticated strategies, often bypassing traditional security measures.
The campaigns now personalize emails, including personal details such as the target's home address or phone number directly in the email body, in order to capture the recipient's attention and adds a layer of credibility to the scam.
Exploitation of fear through technical jargon
These emails generally originate from random Gmail accounts, which are harder to trace, rather than the typical impersonated addresses seen in earlier scams.
In addition to personal information, scammers have escalated their approach by including images of the target’s supposed home, workplace, neighbourhood or street in attached PDF files.
The email addresses the recipient by name and provides a specific location, followed by threats of a physical visit if the target fails to comply. This blend of personal details and digital intimidation is a shift from the simpler sextortion scams that used to rely solely on the fear of compromised online privacy.
The scam emails claim that the target’s device has been infected with spyware, often citing "Pegasus" as the malware responsible for the supposed breach. Threat actors use technical jargon to manipulate recipients with the hope that they have a limited understanding of cybersecurity. The emails claim that the attacker has been monitoring the victim for an extended period, gathering sensitive information, and even recording videos of them.
In some cases, the scammer adopts a casual tone lacing the message with slang or compliments to make it seem as if they have been closely observing the target's life. The message typically concludes with two choices: ignore the email and face public humiliation or pay a ransom in cryptocurrency to ensure the alleged compromising material is never released.
A recurring part of these scams is the demand for payment in Bitcoin or other cryptocurrencies. Scammers often provide a Bitcoin wallet address, sometimes alongside a QR code to facilitate the payment process.
Another notable shift in sextortion campaigns is the use of invoicing services to deliver phishing emails. These services allow threat actors to send emails that bypass certain security protocols by disguising the sender's information. Since these invoicing platforms handle the email's delivery, their legitimate headers and content often allow the message to avoid detection.
To combat these evolving scams, individuals and organizations must stay informed and vigilant. Educating users about the nature of sextortion scams and the tactics employed by attackers can reduce the likelihood of falling victim.
You might also like
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
