#romancescams | Sextortionists return for Christmas – price goes down, threats go up – Naked Security


A week ago, a concerned Naked Security reader shared with us a “send us money or else” email that was a bit different from others he’d received in the past.

The claims and the demands followed a predictable theme – one that we call sextortion because of the connection between sexuality and extortion.

Simply put, the scammers open their game by telling you they’ve infected your computer with spyware, so they can spy on both you and your screen at the same time.

And, guess what?

They’ve got side-by-side screenshots of your browser window and images from your webcam, taken while you were watching porn, and they’ll share their juicy video with everyone you know…

…unless you pay hush money into a specified Bitcoin address.

But the modus operandi – the way last week’s email was delivered – was a bit different different from usual.

The crooks had hidden their whole email rant inside an inline image, presumably to stop text-scanning email filters from picking up on keyword combinations such as porn, Bitcoin and webcam.

Of course, if an email filter can’t extract keywords from the image, then you can’t copy and paste the vital Bitcoin address either, so the crooks provided a QR code instead.

And, just in case a really keen email filter tried to do optical character recognition (OCR) on the image to recover the original text, the crooks had used numerous slightly wacky versions of common English letters such as A, E, I, O and U – scattering them liberally with accents and other marks that are widely used in many languages but never appear in English.