A new batch of “sextortion” emails are making the rounds, says cybersecurity firm Trustwave, and the latest scam has two unique features.
Sextortion spam may be randomly distributed or sent deliberately to high net worth individuals or people known to have or likely to have visited an illicit site.
Generally speaking, sextortion emails will claim that the correspondent possesses evidence that incriminates the recipient.
Some emails have claimed that senders possess evidence of spousal infidelity or extraordinary prurience.
The latest emails are no different except they purport to be from a “technical collection officer” at the American Central Intelligence Agency (CIA).
The email states:
“Case #xxxxxx”
“Distribution and storage of pornographic materials involving underage children.”
“…Case #xxxxxx is a part of a large international operation set to arrest more than 2000 individuals suspected of paedophilia in 27 countries…The first arrests are scheduled for April 15, 2019.”
The email also claims that “Gilbert Ginley” possesses the “personal details,” “home address,” “work address” and a “list of relatives and their contact information” as well as other data pertaining to the email recipient.
One notable and unique feature of the scam, says Trustwave, is it is the first they know of that links to a website that coordinates the whole affair rather than requiring targets to deal with disparate emails or bitcoin addresses controlled by the scammers.
The website in question is Satoshi Box, “a web-based platform wherein files can be bought and/or sold for Bitcoins.”
The Satoshi Box site appears to convenience extortions involving cryptocurrencies:
“The seller must upload the file to the server, set its price in dollars, and provide the Bitcoin address where the profit will be sent. SatoshiBox will then provide the Bitcoin equivalent of the file’s price and generate a unique Bitcoin address in which the buyer must use. The file can be downloaded, and the seller will get his profit once the payment is done. The buyer has no way of previewing the content of the file other than purchasing it.”
Trustwave notes that, whereas the emails ask for $5000 in bitcoins to release a supposed file of evidence on the target, the actual website where the scam is hosted asks for only $500 in bitcoins to release the relevant file:
“It seems that the scammers behind this campaign are eager to victimize more people as they are trying to make the emails scarier and the payment of the ransom easier.”
Trustwave advises the public to refrain from engaging with this scam:
“…BEWARE! Do not fall for this trick. Ignore these kinds of emails and treat any such redirects to these kinds of bitcoin platforms as suspicious.”