Sextortion Scams – Help for Victims

Welcome to our Sextortion Scams warning, in which we explain this worrying phenomenon and guide and assist victims.

If you have fallen victim to a cryptocurrency sextortion scam, please comment on this article.

Introduction

Sextortion is a form of online exploitation where perpetrators blackmail individuals by threatening to release explicit images or videos of the victim unless a ransom is paid.

These threats often involve public embarrassment or harm to the victim’s personal, professional, or social life.

Sextortion can take various forms but is typically initiated through online channels, including social media, dating websites, chat rooms, and emails.

How Cryptocurrency Plays a Part in Sextortion Scams

In the context of sextortion, cryptocurrency has become a favored ransom payment method due to its pseudonymous nature.

Cryptocurrencies like Bitcoin allow scammers to maintain anonymity, making it more challenging for law enforcement agencies to trace transactions back to the perpetrator.

Scammers usually demand payment in cryptocurrency and provide a wallet address for the victim to send the funds. The transaction, once completed, is irreversible, compounding the challenges for victims seeking to recover their funds.

As cryptocurrencies become more mainstream, their use in online scams, including sextortion, will likely increase.

The rising prevalence and sophistication of sextortion scams

Sextortion scams have been on the rise in recent years, with a marked increase in sophistication and scale. Scammers are becoming more adept at manipulating individuals through psychological tactics, exploiting vulnerabilities in online platforms, and using advanced technology to cover their tracks.

The adoption of cryptocurrencies has further fueled this trend, providing an easy, swift, and relatively untraceable method for scammers to extract money from their victims. The decentralized nature of cryptocurrencies and the lack of global regulation make it harder for authorities to curb these scams, leading to a surge in such incidents worldwide.

It is also important to note that the true scale of sextortion scams is likely much more extensive than reported, given the stigma and embarrassment associated with these incidents. Many victims are hesitant to come forward, which makes tracking and combating these scams even more challenging.

Understanding Sextortion Scams

A typical sextortion scam begins with the victim receiving an email or a message from an unknown party. The scammer may claim to have compromising material of the recipient – often videos, photos, or other explicit content – obtained by hacking their device or account.

They threaten to distribute this material to the victim’s contacts, post it online, or in other damaging ways unless a payment is made, usually in cryptocurrency.

Deceptive Tactics Scammers Employ

• Scare Tactics: The scammer instills fear and panic in the victim by claiming they have control of their device and personal compromising information. This fear manipulation can cause victims to act hastily out of desperation to resolve the situation.
• False Information: Scammers may pretend to have proof of their claims, like a password the victim used or has used. They obtain this data from publicly available data breaches to make their threats seem more credible.
• Urgency: To prevent the victim from verifying their claims or seeking help, scammers often stress that immediate action is required, setting tight deadlines for the payment.
• Anonymity: Scammers operate from anonymous email addresses and demand payment through untraceable methods to avoid detection.

Role of Social Engineering in These Scams

Social engineering is a crucial tool in a scammer’s arsenal. This technique involves manipulating individuals into divulging confidential information or performing actions that may result in their exploitation.

In the context of sextortion scams, social engineering plays a significant role in:

• Creating Trust: Scammers can impersonate trusted figures or entities, making the victim more likely to believe the scammer’s claims and comply with their demands.
• Exploiting Human Psychology: Scammers leverage the victim’s fear, embarrassment, and urgency to prompt rash decision-making.

The Use of Cryptocurrency in These Scams and Why Scammers Favor it

Scammers in sextortion cases often demand payment in cryptocurrency, and here’s why:

• Anonymity: Cryptocurrency transactions can be conducted anonymously, making it difficult for authorities to identify and apprehend the scammer.
• Irreversible Transactions: Unlike credit card payments or bank transfers, cryptocurrency transactions cannot be reversed once they’re made. This makes it almost impossible for victims to recover their money once they’ve sent it.
• Global Accessibility: Cryptocurrency is not tied to any specific country or bank. This means that scammers can operate anywhere worldwide without worrying about international banking regulations or tracking.
• Ease of Laundering: Cryptocurrencies can be quickly and easily transferred, split, and moved around, making it easier for scammers to launder their illicit gains.

Real-world examples and case studies

On May 28, 2023, a person from Michigan, USA, filed the following complaint with the BBB (Better Business Bureau) regarding a cryptocurrency sextortion scam:

They said they have all my information and have put malware (RAT) – remote administration tool – on my account. Then they threatened to send inappropriate pictures to all my contacts and make my life miserable if I don’t give them $400.00.

The complainer provided the following information about the scammer:

• Email: coinbase@pro.space
• Website: www.blockchain.com
• Business name: Threat of malware installation

Scammer techniques

In the given scam case, the fraudsters employed several standard sextortion strategies:

• Creating Panic: By claiming control over the victim’s personal information and digital life, including the alleged use of a Remote Administration Tool (RAT), the fraudsters aim to incite fear and panic. This panic can lead victims to irrational decisions like complying with ransom demands.
• RAT Malware Claims: Scammers often falsely claim to have installed RAT malware to convince victims of their control over their devices. It’s important to remember that these claims are usually false. Nonetheless, running a thorough antivirus scan is wise if malware is suspected.
• Spoofing Legitimate Services: Fraudsters often misuse the names of reputable cryptocurrency platforms to lend credibility to their scam. They deceive victims by creating the illusion of interaction with authentic entities.
• Cryptocurrency Ransom: The anonymity offered by cryptocurrency makes it a preferred mode of ransom payment. The tracking and recovery of such payments pose significant challenges.
• Calculated Ransom Amount: Fraudsters often demand specific amounts that are high enough to be lucrative yet plausible for victims to pay. In this case, the $400 demand increases the victim’s likelihood of compliance.

Complaints We Received

On August 28, 2023, we received the following complaint:

I’ve been scammed, and the perpetrators are threatening to send explicit photos of me to my family if I don’t pay them.

If you find yourself in a similar situation, there are some general steps that experts typically recommend:

1. Please do Not Pay the Scammer: Paying might seem to make the problem disappear, but it rarely works. Scammers are likely to come back and ask for more money.
2. Document Evidence: Take screenshots of the messages, emails, or any other correspondence with the scammer.
3. Contact Local Authorities: File a report with your local police, providing all evidence you’ve gathered.
4. Inform Trusted Contacts: If comfortable, consider informing close family and friends about the situation. This can be an emotional support network and prepare them if the scammer contacts them.
5. Consult a Legal Expert: You may need a lawyer specializing in internet crime or privacy issues.
6. Change Passwords and Secure Accounts: Make sure to change the passwords to all your online accounts, especially those the scammer has or might have access to.
7. Check for Malware: Run a security scan on your computer to ensure it hasn’t been compromised.
8. Contact Platform: If you met the scammer through a website or social media, report the user to that platform.
9. Seek Emotional Support: Emotional well-being is crucial beyond the legal and financial aspects. Seek the support of professionals or trusted people in your life.
10. Two-Factor Authentication: Enable two-factor authentication on all accounts that support it for added security.

On September 22, 2023, we received the following complaint:

They have threatened to publish intimate photos of me. What can I do?

Recent News (2023)

According to pgurus.com, a study shows that approximately two out of three teenagers have been targeted by “sextortion” schemes on social media apps such as Snapchat, Instagram, Tumblr, Twitter, and Facebook. The study by SNAP reveals that sextortionists primarily target young men for money, although girls are also targeted for explicit images.

The survey included 760 teens in the United States. The study found that about 65% of teens on Snapchat and other apps reported being victims of sextortion, including being tricked into speaking with people, lying about their identity online or being hacked for private information.

The report emphasizes the importance of reporting incidents to hotlines, helplines, platforms, and trusted adults for support and guidance.

The rapid advancement of AI technology is aiding scammers in targeting victims in “sextortion” schemes, where innocent photos are doctored into fake explicit content. This has increased such schemes, particularly affecting children and teens, and has been linked to multiple suicides.

Scammers can now use AI tools to create “deepfakes” that appear authentic explicit content. The FBI has received reports of victims, including minors, whose images were altered using AI tools and then shared on social media platforms or porn sites.

Existing laws have struggled to keep pace with the development of AI technologies, creating challenges in addressing this issue. Experts and organizations emphasize the need for the responsible development of such technologies to ensure the safety and protection of potential victims.

Immediate Steps After Falling Victim to a Sextortion Scam

If you suspect a sextortion scam is targeting you, it’s crucial not to engage with the scammer beyond the initial interaction.

Responding can encourage them, indicating that their tactics are working. They may see this as an opportunity to escalate their threats or demands.

Cut off all communication as soon as you identify the scam.

Document Everything (Screenshots, Email Headers, etc.)

Evidence is critical when it comes to reporting and potentially prosecuting these scams.

Document all interactions with the scammer:

• Take screenshots of all messages or emails received. Be sure to capture the full text and any contact details or usernames shown.
• Save email headers containing valuable information about the sender’s IP address and the email’s route to your inbox.
• If the scammer provided a cryptocurrency wallet address for payment, note this down.

This information can assist law enforcement and any cybersecurity professionals in your case.

Report to Local Law Enforcement and Online Platforms

Report the incident to your local law enforcement agency and provide them with all the evidence you’ve gathered. While they may not be able to act immediately, your report contributes to broader data collection efforts against these scams.

Additionally, report the scam to the platform you were contacted with (for example, your email service provider or the social media platform where you received the message). They may be able to limit the scammer’s operations or provide further assistance.

Importance of Not Paying the Ransom

Although it might feel like the fastest way to make the problem go away, paying the ransom should be avoided for several reasons:

• It doesn’t guarantee a solution. Scammers may not delete the alleged material even after receiving payment and may return to demand more money later.
• It incentivizes the scammers. Paying the ransom supports the scammer’s activities and reinforces the effectiveness of their tactics.
• It’s often unnecessary. The scammers often don’t have the material they claim to hold, and their threats are empty.

Remember, you’re not alone, and resources are available to help you navigate this situation. Contact cybersecurity professionals or organizations specializing in this area if unsure how to proceed.

The Role of Crypto-tracing in Recovery Efforts

Crypto-tracing, or cryptocurrency forensics or blockchain analysis, traces transactions and activity on a blockchain, the technology underlying cryptocurrencies. It involves examining the blockchain’s public ledger to identify, track, and analyze transaction patterns.

Crypto-tracing works on the principle that while the owners of digital wallets used in transactions may be pseudonymous, the transactions are publicly recorded on the blockchain. This means that funds moving across the network leave a trail.

Using advanced analytic techniques and tools, crypto-tracing can potentially link wallet addresses to individuals, websites, or entities and track the flow of funds.

Effectiveness of Crypto-Tracing in Identifying Scammers

While crypto-tracing is not a guaranteed method to identify scammers due to the anonymity features of cryptocurrencies, it has proven effective in numerous cases, mainly when used with other investigative methods.

Advanced crypto-tracing tools and algorithms can identify patterns of fraudulent activity, connect seemingly disparate transactions, and even potentially link cryptocurrency wallets to real-world identities. For instance, if a scammer uses a cryptocurrency exchange that complies with Know Your Customer (KYC) regulations, the exchange could potentially provide identifying information about the scammer.

However, the effectiveness of crypto-tracing can vary depending on several factors, including the type of cryptocurrency used (some have more robust privacy features than others) and the skill level of the scammer in maintaining anonymity.

The Legal Procedures Involved in Recovering Funds

Once potential identifiers of the scammers are obtained, the information can be provided to law enforcement agencies. Law enforcement can use this information to launch an official investigation, potentially leading to the identification and prosecution of the scammers.

If scammers are identified and prosecuted successfully, a court order may be issued to seize their assets. This may include their cryptocurrency, potentially allowing victims to recover some or all of their lost funds.

Victims could also take civil action against the identified scammer to recover funds. However, these legal procedures can be complex, time-consuming, and costly. Therefore, they are typically pursued when significant sums are involved, and there’s a reasonable likelihood of recovery.

Please note that this process is greatly facilitated if the scammer attempts to convert the cryptocurrency into fiat currency, mainly through a regulated exchange, as they would have had to provide identification to the exchange, leaving a more robust trail for authorities to follow.

How to Get Help with Sextortion

When faced with a cryptocurrency sextortion scam, reaching out to professionals in cryptocurrency tracing is paramount for several reasons:

• Expertise: Crypto-tracing is a complex field that requires a deep understanding of blockchain technology and forensic analysis techniques. Professionals have the necessary skills and tools to conduct these investigations effectively.
• Time Sensitivity: In scams, time is often of the essence. Funds can be quickly moved or laundered, making them increasingly difficult to trace. Professionals can act swiftly to start the tracing process.
• Legal Compliance: Professionals in this field understand the legal implications and procedures related to these scams. They can ensure that all investigative activities are conducted within legal boundaries, which is critical should the case go to court.

How Our Partnered Company Assists Victims

Our partnered company specializes in investigating cryptocurrency transactions and tracing funds on the blockchain. They assist victims of sextortion scams by:

• Tracing Transactions: Using advanced crypto-forensic tools, they trace the path of the stolen funds on the blockchain, identifying where they have been moved or split.
• Identifying Scammers: If possible, they link wallet addresses to real-world identities by analyzing transaction patterns and combining on-chain and off-chain data.
• Working with Law Enforcement: They collaborate with law enforcement, providing the necessary information and support to aid in their investigation and possible prosecution of the scammer.
• Legal Assistance: They can guide victims through the legal procedures involved in recovering funds, connecting them with lawyers experienced in dealing with cryptocurrency-related cases.

Sextortion Prevention and Protection

Securing your online presence is crucial in preventing sextortion scams and other forms of cybercrime.

Some practical measures include:

1. Privacy Settings: Regularly review and adjust your privacy settings on social media platforms and other online accounts to limit the information accessible to strangers.
2. Information Sharing: Be cautious about what personal information you share online, especially on social media. Scammers can use this information to make their threats seem more credible.
3. Secure Connections: Ensure your internet connection is secure, particularly when accessing sensitive accounts or transactions. Avoid using public Wi-Fi for such activities.

Best Practices When Dealing with Unsolicited Communication

When you receive unsolicited communication, especially those that demand immediate action or personal information:

1. Don’t Respond: If the message seems suspicious, do not reply. Scammers may use your response to gather more information about you or to confirm that your email address is active.
2. Don’t Click on Links or Download Attachments: These could lead to malicious websites or contain malware that can infect your device.
3. Verify the Source: If the message claims to be from a known entity, independently find their contact information and reach out to verify the communication.

The Importance of Strong, Unique Passwords and Two-Factor Authentication

1. Solid and Unique Passwords: Use a mix of uppercase and lowercase letters, numbers, and special characters to create strong passwords. Avoid using easily guessable information like birthdates or names. Your online accounts should have a unique password to prevent a breach on one account from affecting others.
2. Two-Factor Authentication (2FA): Enable 2FA on your accounts whenever available. This adds an extra layer of security by requiring a second form of identification beyond just your password.

Recognizing Red Flags and Phishing Attempts

Scammers commonly use techniques like phishing to trick you into revealing personal information.

Recognizing the signs can help protect you:

• Urgency: Scammers often create a sense of urgency to make you act without thinking. Be wary of any message that demands immediate action.
• Unsolicited Requests for Information: Legitimate companies usually do not ask for sensitive information through email or text messages.
• Grammar and Spelling Mistakes: Professional companies typically do not send messages with grammar and spelling errors. Such errors may suggest a scam.
• Suspicious Links or Attachments: These can lead to malicious websites or install malware on your device. Always hover over a link to see where it leads before clicking.

Implementing these measures and practices can significantly enhance online security and reduce the likelihood of falling victim to a sextortion scam or other types of cybercrime.

Sextortion Complaints We Received

On October 14, 2023, we received the following complaint from a person who reported losing $4500:

I started talking to someone online, and somehow, they came across some intimate pictures of me. They threatened to post these pictures all over the internet unless I sent them a payment each month.

On October 25, 2023, we received the following complaint from a person who reported being scammed for $150:

I recently encountered a distressing situation online, and I need advice on how to handle it. I met someone online who claimed to be local and wanted to meet in person. We exchanged intimate images; subsequently, this individual asked me to pay for some videos.

On the day we were supposed to meet, this person threatened to distribute my private images to my Facebook contacts unless I paid $ 2,000, which later was reduced to $ 1,000. Despite blocking them, I continue to receive threatening emails from various addresses demanding payment and communication.

I have taken measures to block the emails, but the individual persists in using different email addresses to continue the threats.

Cryptocurrency Sextortion Scams – Conclusion

Cryptocurrency sextortion scams are escalating as cybercriminals harness the anonymity of digital currencies to intimidate and defraud victims. The sophistication of these scams necessitates heightened awareness, quick action, and robust prevention methods.

Recognizing scams, understanding scammer strategies, and knowing how to react are crucial prevention steps. Upon suspicion or occurrence of fraud, immediate actions, such as discontinuing communication, documenting evidence, securing online accounts, and reporting to law enforcement and relevant platforms, are vital.

Preventative security measures are effective risk mitigators, such as solidifying online profiles, unique password usage, two-factor authentication, and cautious handling of unsolicited communication.

Importantly, victims are not alone. Professionals in law enforcement and cryptocurrency are equipped to assist. Crypto-tracing companies, working alongside law enforcement, could potentially identify scammers and recover stolen funds. Emotional and psychological support is also available through various networks and counseling services.

Victims should never blame themselves; the onus is entirely on the scammers. The key takeaway for those facing a sextortion scam is that help and hope exist. Increasing awareness, adopting preventative measures, and taking appropriate action can combat this growing threat and create a safer online environment.

If you are a victim of online scams, please let us know by commenting below, and if you have lost a significant amount of money, do not lose hope. We can help you recover your funds!