The scam began in 2017, but it piques the interest of the larger community only after its list of victims grew in mid-2018. According to research by Digital Shadows, a UK-based digital risk assessment firm that tracked over 792,000 targeted emails, Bitcoin in the range of $300,000 was stolen from over 3,100 unique BTC addresses.
The report further stated that the funds were then deposited in as many as 92 Bitcoin addresses. The firm further suggested that the criminals engaged in “sextortion” and extorted an amount totaling $540 in Bitcoin from each victim.
The report defined “sextortion,” as follows,
“Spam campaign claiming to have footage of recipient watching pornography. Included threats to publicly release video.”
Victims of this scam were sent an email with a threat that an explicit video of them was recorded, via their webcam, and would be floated on the Internet if a certain amount of Bitcoins were not sent to a given address.
Digital Shadows reported a divergence of emails sent to victims, with some showing bare understanding of how to craft an email and how its distribution worked, resulting in some of them being deposited in the spam folder. Others were well curated and sent from newly created Outlook email addresses.
The scam was operated from a number of locations, or rather IP addresses. According to the report, the highest proportion of the emails disseminated from Vietnam (8.5 percent), Brazil (5.3 percent), and then India (4.7 percent). The research firm further suggested that the email servers could have been compromised, which was why specifying an accurate location was inconclusive.
New accomplices were hired by the scammers to continue their ongoing operations and were paid a whopping $360,000 a year, the report said. Additionally, the criminals who had skills in network management, penetration testing and programming expertise were paid $768,000 a year.
Individuals who had a high net-worth were targeted for these scams on social media. Furthermore, the scammers also targeted the victim’s marital status, using it to form an online relationship with a married person and threatening to reveal details of the same if the ransom in Bitcoins was not paid.
Rafael Amado, a senior strategy and research analyst at Digital Shadows further elaborated that social media sites like LinkedIn were primarily targeted to find the right victim. He stated,
“Using it can help identify a potential victim’s job, likely salary and firms they have worked for. They may also disclose details of family members, marital status and their location. If this is supplemented with breach data such as passwords then it can make an extortion attempt more potent.”