According to SophosLabs, India is among Top 5 countries to send porn scams, sextortion emails and blackmail victims to send them Bitcoins.
SophosLabs is a global network of highly skilled analysts, protecting its users from known and emerging malware, ransomware and exploits.
HOW SEXTORTION WORKS
First the scammer will send vitcim a email which contain link to a Porn site. Once the victim visit the porn site, a malware will be downloaded to his computer which will record the display screen and his video via the webcam and send it to the scammer. Later the scammer emails victim asking for bitcoins or else he will send vitcim’s videos to his friends and family.
This is a typical way of blackmaling the victim for bitcoin but many of the scammers are also using different ways. Many a times the scammer really dont have any video of the victim or malware installed on victim’s computer. They just lie and many fall for this trap.
SophosLabs along with the analysts of CipherTrace researched and tracked the increasing numbers of porn scams emails and sextortion emails between 1st Sep 2019 to 31st Jan 2020. According to the reports India ranks at 5 in sending the most numbers of sextortion email and blackmailing vitcims for bitcoins. Below are the sources of sextortion emails based on the report:-
1. Vietnam: 7% 2. Brazil: 5.9% 3. Argentina: 4.8% 4. Republic Of Korea: 4.2% 5. India: 3.7% 6. Italy: 3% 7. Maxico: 2.9% 8. Poland: 2.8% 9. Colombia: 2.6% 10. Peru: 2.6 11. United Kingdom: 1.9% 12. All Other Countries: 60%
Also to note here, not all sextortion emails are directly send by scammer’s computer. Many time it is being send from innocent users whose computers were infected with spam-sending malware.
Acoording to the report by SophosLab, a total of 50.98 Bitcoin (approx Rs.2.9 Crores as of 24 Apr’ 20) were extorted from vitcims and 328 active addresses where indentified being used for sextortion. The payments from sextortion wallets were distributed as shown below:-
1. Exchanges: 44% 2. High Risk Exchanges: 15% 3. Private Wallet/Unknown: 11% 4. Carding Site & Other Criminal Activities: 10% 5. Payment Gateway: 6% 6. Other Wallet: 5% 7. Bitcoin Mixers: 4% 8. Dar Market: 2% 9. Gambling Sites: 2%
A total of 476 output transactions were identified from scammer address. The most frequent destinations for output transactions were Binance, LocalBitcoins, CoinPayments and private non-hosted wallets.
So how to be safe from these kind of scams and extortion ? The simple answer is to avoid visiting untrusted websites, use a genuine Anti-Virus, ignore these kind of spam emails and never click on any link from unknon sender. Read more article from our Scam Alert series. Also if you want to read the full report by SophosLabs visit Here.