
Porn watchers beware: New email scam attempts ‘sextortion’

A new email scam tricks users into thinking that hackers have recorded videos of them watching porn. (They haven't.)

Ed Eisen is one of thousands of consumers to receive a "sextortion" email from scammers who allege that they've hacked computer webcams and recorded the victims watching porn. The scammers threaten to spread the videos online unless they're immediately paid $7,000. But the scam is a hoax. Ed describes his reaction upon seeing the threatening email.
CHARLES FOX / Staff Photographer

The mysterious hacker claimed to have the goods on Ed Eisen and threatened to release a video of him watching porn unless he paid $7,000.

The July 27 email from "Sylvie Whitia" detailed an elaborate scheme to collect Eisen's contacts, compromise his computer webcam, and record him enjoying adult websites. He had just 24 hours to pay up in Bitcoin, or else his friends and family would be sent the embarrassing video, the hacker warned.

But there was one major flaw in this failed extortion attempt.

"I don't watch porn," said Eisen, an 82-year-old motivational speaker and longtime public relations man whose clients have ranged from Saint Teresa of Calcutta to members of Philadelphia's mafia.

Eisen is one of likely thousands to recently receive a ransom message like this, in which cyber criminals claim to have evidence of targets watching porn, cheating on their spouses, or otherwise behaving badly. These "sextortion" emails include users' personal information to add authenticity, according to law enforcement and cyber security experts. But in most cases, the cyber criminals are bluffing and don't really have dirt on their targets.

"It is a hoax," said Devon Ackerman, an associate managing director at Kroll, a cybersecurity and investigations firm. "There is probably a small percentage that is true, but the current mailing campaign we're seeing globally right now that Kroll is tracking is by far and large a hoax. It is very low tech. It is relying on human vulnerabilities."

The FBI warned the public Tuesday to beware of such scams and said it's recently received a surge of reports about the issue. The bureau's Internet Crime Complaint Center said targets have received such extortion attempts in both emails and letters.

Sextortion scams are nothing new, but the latest campaign has added a twist to make the messages more believable. The emails often include recipients' personal information, such as usernames and passwords, giving the supposed hackers credibility. However, user information like this is easily available on the dark web after high-profile breaches at major websites, experts said.

"They put enough facts in the email to make you think they really have compromised the system, when in reality the usernames or the passwords or email addresses are just from other publicly available website compromises," Ackerman said.

In Eisen's case, the message he received included his name and an old username connected to his former communications firm. Eisen said he hasn't used the email address in years.

The ransom note was written in broken English. "Lets get right to purpose," it began. The hacker claimed to have set up malware on porn websites, taken remote control of Eisen's desktop, and recorded him watching porn.

"1st part shows the video you were viewing (you've got a fine taste lol . . .), and 2nd part shows the recording of your cam, yea it is you," the email said. "In case you are in an important relationship, how this will affect?"

The hacker then demanded a $7,000 payment in one day to avoid dissemination of the video, and provided a Bitcoin address.

Eisen said he was initially shocked when he got the message, then broke out in "total and complete laughter." He said he's "never played around in his 82 years," and noted he's been married to the same woman for nearly six decades.

"This person, whoever he or she is, may be doing this to thousands of other people," Eisen said. "It ought to be a warning, in my view, to maybe people my age."

It's unclear how many people have fallen for the scam.

Brian Krebs, a former Washington Post reporter who runs the news website Krebs on Security, reported the sextortion scheme tricked dozens of people into paying anywhere from a few hundred to thousands of dollars, based on his review of Bitcoin addresses his readers received. Websites such as bitcoinwhoswho.com allow users to see transaction histories for Bitcoin accounts.

A collection of sextortion Bitcoin addresses posted in Pastebin by Twitter user @SecGuru_OTX identified 313 addresses that received roughly $250,000 in payments as of July 26. The Bitcoin address emailed to Eisen was not included in the list.

An FBI spokesperson said current data on extortion schemes wasn't available. In 2017, the FBI's internet complaint center received 14,938 extortion-related complaints with victims losing more than $15 million.

Experts said these hoax sextortion scams are cheap and easy ways for the criminals, typically from foreign countries, to make money. If a scammer sends 10,000 emails and just 1 percent of users pay, "that's found money," said Michael Levy, chief of computer crimes at the U.S. Attorney's Office for the Eastern District of Pennsylvania.

"There's no cost or anything to the operation," Levy said. "You just spam everybody and if 50 percent of your audience is male, you have a good chance your recipient has at some point watched pornography. And it goes downhill from there."

Half of casually dating men watch porn weekly or more frequently, compared with just 1 percent of casually dating women, according to the Institute for Family Studies. A fifth of married men said they regularly watched porn versus 3 percent of married women.

There are a number of things consumers can do to protect themselves.

For one, don't pay the extortionists. "There's no guarantee it's going to remove the threat and you're just furthering the exploitation of yourself and others," said Krebs, the security reporter.

Carefully read the ransom notes for specific details, such as the names of the sex websites you allegedly visited or when the incident took place. You'll likely find that the message doesn't include those details and is really a vague, generic script, Ackerman said.

And then there are best computer security practices, such as never reusing passwords or opening links and attachments from unknown sources. If you're really paranoid, you can cover up your webcam with tape, because bad actors can remotely control your webcam, Levy said.

Or you can be like Eisen, and just refrain from watching porn.