A new and alarmingly effective scam targeting fans of online porn has already separated victims from almost $40,000 of their cash, paid in BitCoin, according to a report by the Canadian Broadcasting Corporation. Actually, the scam is targeting non-fans as well, the CBC reports, and appears to be connected to a 2012 hack of the business-oriented social media site LinkedIn.
The scammers appear to have obtained passwords from the LinkedIn hack, in which approximately 100 million LinkedIn users saw their personal and login information stolen. The scammers use the password to persuade victims of their authenticity—and then launch into the blackmail pitch.
“I have installed malware on an adult video site,” a typical email will claim, according to a report by Fox News. “While you were watching video clips, your web browser began operating as a RDP (Remote Desktop) that has a key logger.”
The scam letter will then claim that the “malware” has allowed a hacker to take control of the victim’s computer camera and record video of the user watching porn “to experience fun (you get my drift),” the email will say, according to a report on the scam in The Miami Herald.
Next comes the coup de grace. The scam email will then threaten to “send the video to all of your contacts”—unless you pay up. A typical email will demand payment of at least $1,000, remitted in the cryptocurrency BitCoin.
The Canadian cybersecurity firm ThreeShield says that it has identified nine BitCoin addresses used in the scam, with the equivalent of $38,000 already collected through the addresses, paid by victims who fell for the scam.
Authorities in Florida say that they have become aware of a similar scam hitting victims in that region, but instead of claiming to possess video of the targeted person watching porn, the Florida scam threatens to reveal that the vicim has been cheating on his or her spouse, unless the person pays up.
“The biggest risk here is, of course, if you're using the same password for [LinkedIn] as you're using for other sites, then those have likely been compromised already,” warned ThreeShield’s Chris Nowell.
Photo by Porsche Brosseau / Flickr Creative Commons