–Victoria Police Department
Detectives with our Investigative Services Division’s Major Crime Unit are warning the public after a series of incidents of email-based “sextortion” scams have been reported.
In these scam attempts, fraudsters send the victim an email. In that email the fraudsters include a password that the victim has used in the past. The fraudsters claim to have surreptitiously captured a video recording of the victim viewing pornography. The fraudsters then threaten to send the video to the victim’s contacts if the victim does not make a payment. Police departments in our region and on the lower Mainland, including Sidney/North Saanich RCMP, and West Vancouver Police have also recently issued similar warnings about similar incidents.Sooke]
Investigation has shown that these fraudsters are utilizing lists of email addresses and passwords stolen through data breaches that resulted from the hacking of online accounts belonging to third parties.
Several high-profile data breaches over the last few years have resulted in hundreds of millions of email addresses and passwords being stolen by hackers. These lists are then posted online, where they are accessed by fraudsters who simply email the potential victim with his or her password to give an air of legitimacy to the fraud attempt.
Some potential victims, while they did not fall prey to the original attempt, have become convinced that their individual computers have been compromised and have engaged in costly, unneeded security fixes.
Investigators have not substantiated the existence of a video in any of these incidents.
At least seven reports have been made to our investigators over the last few days.
The best weapon to protect yourself against online fraud is educating yourself and those around you. Knowing what to look for – in this case fraudsters using a familiar passwords to convince you the fraud is real – can be a way to protect yourself. Changing passwords on a regular basis is a powerful way to help protect yourself online.
For more information about fighting fraud please visit vicpd.ca/fraud.
Following is an example of the email.
Subject: [username-redacted] - [password-redacted] I know, [redacted], is your password. You don't know me and you're thinking why you received this e mail, right? Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account. What exactly did I do? I made a split-screen video. First part recorded the video you were viewing (you've got a fine taste haha), and next part recorded your webcam (Yep! It's you doing nasty things!). What should you do? Well, I believe, $1900 is a fair price for our little secret. You'll make the payment via Bitcoin to the below address (if you don't know this, search "how to buy bitcoin" in Google). BTC Address: 19VJjCjq4pxP7mh71gN1HJaxf83qWv
BJTk (It is cAsE sensitive, so copy and paste it) Important: You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don't get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with "Yes!" and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don't waste my time and yours by replying to this email
- Millennials account for half of all scam victims, Vancouver police launch NanaSays
- Are you one of the 101 million email accounts compromised via Ebrite, in a 2013 breach identified in 2019?
- BCSC wins in U.S. court to enforce order against fraudster
- Better Business Bureau’s top 10 scams of 2018
- Online dating – know what you’re signing up for
- Cyber fraud affecting businesses in the West Shore
- BC Hydro warns customers about scams after record number of attempts to defraud in 2018
- Crackdown in Mumbai has big impact on CRA tax scam
- Public warning as email-based “sextortion” scams reported
- Pornography scam uses your username and password information to extort bitcoin payment
- Emergency scam with a concerning variation
- New scam strikes with a new slick twist
- RCMP issue reminder that “gifting clouds,” aka pyramid schemes, are illegal
- Business directories: Double-check before writing them a cheque
- Scammers are at it again, this time threatening legal action
- A special prize just for you? Don’t be fooled into believing you are a sweepstakes winner
- March is Fraud Prevention Month: Here are some safety tips
- Fraud awareness: Merchants beware of counterfeit credit cards
- CRA scam prompts warning from detectives
- Don’t fill their wallets with gift cards
- Sooke RCMP issue CRA phone scam alert
- ICBC warning customers of text message scam
- No the CRA won’t tell you to e-Transfer Bitcoin or pay in iTunes cards
- Business e-mail compromise scam prompts warning
- Compromised image extortion trend leads to police warning
- LETTER: Scammed Sooke senior shares this randsomware story
- Envelope theft: Protecting yourself on your special day
- SCAM Reminder: CRA does not do transactions with links!
- Know your customer; Or, Don’t send speeding scam to RCMP
- Public warning issued after similar frauds lead to significant losses