In the first five months of 2019, an American software company called Symantec has blocked almost 300 million scam emails that attempted to extort cash from potential victims by threatening to expose their infidelity.
The scenario goes like this: an email arrives in your inbox with one of your old passwords in the subject line. Out of curiosity, you click on the email, only to find out that the sender has allegedly hacked into your device while you engaged in sexual activity. If you don't send a few hundred dollars in bitcoin to the hacker, they will reveal your embarrassing footage to everyone in your contact list.
This is just one of the classic templates of a bitcoin sextortion email.
Blackmail schemes are not new, although the scam emails asking for bitcoin ransoms started appearing mid-2018 and was revived early this year. Most phishing emails usually follow the same pattern so the bitcoin scam was supposedly easy to discredit.
"Threats, intimidation and high-pressure tactics are classic signs of a scam," reported by the Federal Trade Commission (FTC) on their website.
Unfortunately, after the bitcoin evolution, many people fell victim to this scheme. Based on the data gathered by Symantec alone, the scammers' bitcoin wallets received a total of approximately US$106,240 in that period, which means they could be making just over US$1.2 million in a year."
By October, the sextortion scammers pivoted to litecoin, bitcoin's rival cryptocurrency platform, to target more well-off victims. By this time, the scam was now officially dubbed as the "Save Yourself" malware.
In December, another alleged bitcoin scam was busted. Five men from a company called BitClub Network are now facing federal charges for milking money from their victims. The suspects purportedly preyed on willing investors who will buy shares in bitcoin for mining equipment. The extorted amount totaled $722 million.
After this incident, the public is once again warned by government officials to stay ahead of "clever crooks" who extort victims and ask for ransom in cryptocurrencies.
How to Protect Yourself From Email Scams
The FTC encourages people who receive sextortion emails to report the incident immediately to the local police and the FBI. To stay ahead of scammers and avoid falling victim to cryptoblackmails, the commission offered these practical tips:
- Spot imposters. Scammers often pretend to be someone you trust. Never answer an unexpected request by sending money or giving out personal information.
- Do online searches. A Google search is one quick way to find out if you're dealing with a fraudster. Type in the product or company name with words like "review," "complaint" or "scam" to find out if you're dealing with one.
- Don't believe your caller ID. It's easy to fake caller ID information these days. If someone calls asking for money or personal information, hang up immediately. If you think the caller might be telling the truth, call back to a number you know is genuine.
- Don't pay upfront for a promise. Someone might ask you to pay in advance for things or might even say you've won a prize. Again, remember the first rule: learn to spot imposters.
- Consider how you pay. Credit cards have significant fraud protection built in them, but some payment methods like wired money, reloadable cards, or gift cards are risky.
- Talk to someone. Con artists want you to make decisions in a hurry and might even threaten you. Before you give up your money or personal information, talk to someone you trust.
- Hang up on robocalls. If you answer the phone and hear a recorded sales pitch, hang up and report it to the FTC. These calls are illegal, and often the products are bogus. Don't press 1 to speak to a person or to be taken off the list. That could lead to more calls.
- Be skeptical about free trial offers. Some companies use free trials to sign you up for products and bill you every month until you cancel. Before you agree to a free trial, research the company and read the cancellation policy. And always review your monthly statements for charges you don't recognize.
- Don't deposit a check and wire money back. By law, banks must make funds from deposited checks available within days, but uncovering a fake check can take weeks. If a check you deposit turns out to be a fake, you're responsible for repaying the bank.
- Sign up for free scam alerts from the FTC at ftc.gov/scams. Get the latest tips and advice about scams sent right to your inbox.
How to Keep Your Personal Information Secure Online
Good data hygiene is the key to avoiding phishing scams. Here are some good data security habits to practice:
- Be alert to impersonators.
- Safely dispose of personal information.
- Encrypt your data.
- Keep your browser secure.
- Keep passwords private
- Don't overshare on social networking sites.
In a time when technology poses both risks and advantages, staying vigilant is the best way to protect yourself from fraudsters.