Crypto Blackmail Scam: How to Avoid and Blackmail safety
Imagine you receive a message – often a pop-up on your computer screen that threatens to unveil your habit of watching pornography or an alleged infidelity. The only way of preventing the perpetrator from telling all of your friends and family members is to pay him off. This is called cryptoblackmail and it’s the newest way that thieves seek to separate people from their cryptocurrency, the virtual online currency.
Blackmail is a threat to take some (negative) action if the victim doesn’t pay a certain amount of money. This scam has been around for hundreds of years, as described in the plays of Shakespeare and the stories of Charles Dickens. New technology gives these rip-off artists many new ways to enact their schemes, and a much larger pool of potential victims. And web browsing provides all of the ammunition the scammers need to execute their plans.
Cryptoblackmail has only been around since mid-2017 but it has spread very quickly. It requires that the victim pay in Bitcoin or another untracable online currency. Each time it’s posted to a blog or mentioned in the media hundreds more victims come forward asking that to do. What’s interesting is that some victims are getting blackmailed by snail mail, a decidedly retro take on such high-tech thievery.
If you’re thinking that cryptocurrency isn’t common enough for that many people to be blackmailed this way, you’re right. Often the blackmailers provide step-by-step instructions for purchasing cryptocurrency so the victim can pay off the perpetrator.
Cashing in on shock and shame
Online pornography is the reason so many people have been affected by this scheme: scammers have installed malware on porn websites that collect information from the victims’ computers through keyloggers. The malware causes a pop-up window to appear, and some version of this message is shown:
“Hello. I know that [XYZ] is your password and that you’ve been visiting this porn site frequently. In fact, I was able to take control of your web cam and your address book. If you don’t deposit a Bitcoin payment of $1,900 in my account I will send photos of your online activities to everyone in your address book, including your family, neighbors, and friends.”
The scammers count on the motivational value of the shock and potential shame involved in telling your neighbors and family members about your pornography habit (or infidelity, etc). Many people have coughed up the required currency to stop the embarrassing attack and make it go away. Others who ignored the scheme haven’t reported any reprisals, so it is probably safe to ignore.
It’s a simple scheme: by sending a high number of these blackmail threats the scammers are hoping to get even a fraction of people to freak out and pay the money impulsively. It’s not the same threat as ransomware, which used more sophisticated attacks to hold computer systems hostage until a fee is paid. These attacks have disabled many school and municipal computer servers until thousands of dollars were handed over.
The password they use in the pop-up, email, or letter is likely one leaked in a past hack, such as Yahoo. That’s why experts warn people not to reuse passwords, to make passwords challenging, to use a password manager, and opt for two-factor authentication.
Bitcoin currently inhabits a shady grey area of commerce and regulation. Blackmail is illegal, but trying to find and punish the people responsible for this scheme is challenging at best. They could be anywhere in the world, and the currency itself is loosely regulated. While some reports say you can look up the amount of currency in a particular account it’s unlikely that authorities are able to trace that account to an individual. That’s why Bitcoin has been the preferred currency for hiding illicit transactions online, particularly on the Dark Web’s Silk Road.