[Published on 16th April 2020]
We’ve recently received reports (from both ClearScore & non-ClearScore users) about a type of fraud called a ‘sextortion scam’. This is a common type of fraud that has been seen over the last few years and seems to have re-appeared over the last few weeks.
This type of scam usually involves the following steps:
1) You receive an email from the perpetrator with an unknown email address (or sometimes multiple emails)
2) In this email, the perpetrator quotes a password that may/may not belong to you
- This is usually a password you’ve used in the past for an online account, and so this password is tied to your email address
- This is often quite an old password (used over 5 years ago, that often isn’t in use anymore)
3) The perpetrator discusses the scam that they have supposedly performed on you
4) The perpetrator then demands you send money (usually $1500 - $2000) to a particular Bitcoin account (this account often changes in each email), otherwise, they will distribute the webcam footage that they have reportedly recorded
Frequently asked questions about this scam:
1) Is this a scam?
Yes. This is a fraudulent scam email which is looking to extort money from those who give in to the demands outlined in the email.
2) Is this my actual password?
A big part of the scam is the fact that the perpetrator has quoted your password, and their hope is that this will scare you into complying with the perpetrator’s demands.
It’s often the case that the password quoted is an actual password you’ve used in the past for an online account, and so this password is tied to your email address.
This is often quite an old password (used over 5 years ago, that often isn’t in use anymore).
3) How did they obtain my password?
Our belief is that the perpetrator has obtained this information from the dark web, drawing information from data breaches involving popular websites in the past.
You can find
4) Did they obtain my password from ClearScore (or ClearScore Protect)?
‘Partial passwords’ are as you can see them in ClearScore Protect, with some/most of the password asterisked out for security.
5) I've started receiving these emails soon after using ClearScore Protect. Why?
We have had reports of these sextortion scams being performed over the last few weeks across a number of countries (including the UK).
These scams (and the perpetrator(s) involved) are targeting a number of individuals including both ClearScore & non-ClearScore users.
We are continuing to investigate this; however, as mentioned before, our systems and processes have not been compromised.
6) Are the other claims in the email true?
No. The perpetrator’s claims (installing malware, gaining access to individuals’ devices, accessing webcam footage, accessing the individuals’ contacts) are not true.
What should I do if I've received one of these? How can I avoid falling victim to this type of scam in future?
The key steps below will help you if you’ve received one of these scam emails, or if you’re looking to avoid falling victim to this type of scam in future.
1) Do not respond to the email or pay the ransom
The perpetrator(s) are looking to identify and target users who will comply with their demands.
2) Report this attempt to Action Fraud
If you haven’t yet engaged with the perpetrator, you can report this fraudulent attempt to Action Fraud.
3) If you have already paid the ransom or provided personal information, report this to Action Fraud as a crime
If you’ve already engaged with the perpetrator (by providing further information or paying the ransom), you should report this to the po ).
4) Change the password being quoted
Make sure that you are no longer using the password quoted by the perpetrator, and that you’ve changed this password in any place that you can remember using it.
5) Make sure your email account is secure
Your email account is often the gateway into a number of other online accounts that you may have. Make sure your email account is secure by ensuring it has been set up with a unique, strong password, and that this has 2FA enabled where possible.
If you have concerns that your email account has been compromised, consider shutting this account down and opening a new, secure email account.
6) Enable 2FA (two-factor authentication) and additional security measures where possible
If possible, look to use 2FA on any sites/accounts that offer this (including your ClearScore account), as this will provide you with additional protection from unknown 3rd parties.
Sample scam email:
Below is a sample of the email you may receive as part of this type of scam. There may be some slight variations to this, but the pattern tends to stay very similar.
Subject line: [VICTIM’S NAME] - [INSERT PASSWORD]
Message content:
“I know [INSERT PASSWORD] is your password. You don’t know me and you’re thinking why you received this e-mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to you display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do? I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and part part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do? Well, I believe, $1900 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: (It is cAsE sensititve, so copy and paste it)
Important: You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.
Barnard”
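Because the pattern stays so similar, the steps listed at the top of this page can be turned into a simple mail-filter heuristic. The following is an added example, not ClearScore's code: the indicator names, regexes, threshold and both sample messages are constructed assumptions, and the Bitcoin address is a placeholder.

```python
import re

# Indicators taken from the scam pattern described on this page. The regexes
# and the threshold are assumptions for this example, not a vetted rule set.
INDICATORS = {
    "password_quote": re.compile(r"\byour password\b", re.I),
    "recording_claim": re.compile(r"\b(webcam|keylogger|malware|recorded)\b", re.I),
    "crypto_payment": re.compile(r"\b(bitcoin|btc)\b", re.I),
    # Approximate address shapes only (legacy Base58 or bech32); no checksum check.
    "btc_address": re.compile(
        r"\b(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[0-9a-z]{11,71})\b"),
    "deadline": re.compile(r"\b\d{1,3}\s*(hours?|hrs?|days?)\b", re.I),
    "contact_threat": re.compile(
        r"\b(all (of )?your contacts|relatives|coworkers)\b", re.I),
}
THRESHOLD = 4  # assumed: flag when at least four indicators are present


def classify(subject: str, body: str) -> dict:
    """Return the indicators that fired and whether the message looks like the scam."""
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
    # The sample subject line is "[NAME] - [PASSWORD]" and the same string is
    # quoted back in the body, so an echoed subject token is a useful signal.
    if " - " in subject:
        token = subject.rsplit(" - ", 1)[-1].strip()
        if len(token) >= 4 and token in body:
            hits.append("subject_token_echoed")
    return {"hits": hits, "suspicious": len(hits) >= THRESHOLD}


# Constructed samples (not real messages); the address is a placeholder.
PLACEHOLDER_ADDRESS = "1" + "X" * 33
SCAM_SUBJECT = "Alex Example - hunter2old"
SCAM_BODY = (
    "I know hunter2old is your password. I placed a malware on a website and "
    "recorded your webcam. You'll make the payment via Bitcoin. "
    f"BTC Address: {PLACEHOLDER_ADDRESS} You have 24 hours in order to make the "
    "payment, or I will send your video to all of your contacts."
)
BENIGN_SUBJECT = "Invoice - April"
BENIGN_BODY = "Please find the April invoice attached. Payment is due in 30 days."

if __name__ == "__main__":
    print(classify(SCAM_SUBJECT, SCAM_BODY))
    print(classify(BENIGN_SUBJECT, BENIGN_BODY))
```

A single indicator such as a deadline or a repeated subject word fires on ordinary mail, which is why the example requires several together before flagging a message.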