Earlier this week I was the subject, but thankfully not victim, of a sextortion phishing scam. This is a new one for me but let me tell you right off the bat. It’s scary.
I’ve had pretty strong filters on my email for some years so thankfully rarely see spam or phishing emails in my inbox. Most spam goes straight to a spam folder, some to a digital lock box from where I can mark them as spam later. The typically annoying ones are about insurance with an American outfit for a car I don’t have. I also have a set of security solutions that hopefully help keep my data safe.
On this occasion though one email crept through because it used my actual email address. The title said: ‘You’re in debt,’ which is a surprise to me as I’ve not used a credit card or taken credit for some years.
It was only when I read the email that I got a shock. The email claimed to have accessed all my devices and had recorded visits to porn sites, had images and videos of me engaged in sex acts but for the princely some of $1,850 payable in Bitcoin (naturally) my nefarious activity would be deleted from the scammer’s records. The email also claimed to have taken control of my phone’s camera and inserted an operating system Trojan virus everywhere.
I’d never seen this type of attack before and research on phishing, scamming and email blackmail didn’t really help.
I was concerned that as the email used my actual address reporting the case to my email provider would somehow inadvertently result in my being locked out of my account.
As you might imagine, this episode sent me into something of a panic. While I have no concerns about my personal reputation, I was more concerned about the potential for deep fakes that might be sent to contacts since there are videos and photos of me all over the Internet. What’s more, I freely admit that I’ve visited porn sites but at my age those are dim and distant memories so the question was what, when? I’ve certainly never recorded compromising photos or videos. Even I know that would be suicidal. I
The threat to control my camera was also a concern because while it IS possible on iPhone, it is rare and even then I’d likely know by virtue of the green glow of the camera when it’s active.
The claim to have gained control of all my devices was vaguely plausible but I knew that it is many months since I’ve opened a laptop and only rarely use an iPad these days. Even so, there’s always a lingering doubt at a time when we are increasingly surveilled.
It took me some time but I eventually found out that by looking at the original message, I could determine where the email originated. In my case Colombia. I guess the narco trade down there ain’t what it used to be.
At that point I reported the email as a phishing scam. I don’t care what security wonk sees the pernicious content, however distressing to me. I just want the MOFO stopped.
It then occurred to me this might be a relatively new form of criminal activity and sure enough I discovered that sextortion is a known activity although the version I saw is relatively new.
I count myself as reasonably tech savvy but as the National Cyber Security Centre says, these nasty emails often successfully play on an individual’s emotions and fears.
It took me several days on and off to figure out what might have happened such that this nasty missive slipped through the net (sic) and over that time I set about resetting (sic) a slew of passwords - yet again. I think, or at least hope, that I’m safe once more but the entire incident threw me off balance for several days, resulting in my nuking a meeting I really wanted to attend.
The internet is a wonderful thing and without it, I would not have been able to enjoy the last few years of my life to the extent I (mostly) do today.
But there are days when the internet is a very dark place. That was one - or rather - several of them.
I can live with the inconvenience on occasion but I do wonder whether we’re slowly but inexorably becoming digital slaves for which no amount of security can protect us short of dropping off all digital channels. Sometimes that sounds appealing although I know it’s virtually (sic) impractical in 2021.
And with that I’ll get back to the thing I enjoy the most: #foodporn. Come get me scammers - I’m waiting with a plate of buratta and tomatoes that will have you begging to pay me.
A couple of other people I know ha exactly the same thing in the last week or so. Continue with the food porn, I miss you tweeting!