Sextortion Scams Are Continuing to Evolve

Last month, a CIA extortion scam was reported to be widely distributed. The threat actor posed as a CIA technical collection officer and stated that they had webcam video evidence of the potential target visiting adult content sites and threatened to share the video with the target’s contacts if they do not pay an extortion fee.  A few weeks later, the threat actor changed tactics, informing the target that they are part of an underage pornography investigation, but the incriminating evidence would be destroyed for a fee. An additional variant emerged that included a password in the email for the attached PDF file containing an extortion payment bitcoin address and instructions. Another variant evolved into emails containing password-protected ZIP attachments that included both the PDF payment instructions as well as a link directing the target to the posted alleged evidence. As of April 7, 2019, Bleeping Computer reported yet another variant, which included a link to purchase the alleged password for the attached password-protected ZIP files containing alleged evidence showing the video recordings of the target. Extortion scams are constantly evolving to use different scare tactics and generate as much money as possible. The NJCCIC recommends users educate themselves and others on this and similar scams to prevent future victimization. There is no indication that any of these threats are credible. Anyone who receives one of these extortion emails should ignore and delete it. We encourage users to report cyber incidents via the NJCCIC Cyber Incident Report Form and the FBI’s Internet Crime Complaint Center (IC3) website.