Scammers often rely on fear to steal your hard-earned money. No matter the scam, whether it’s a Microsoft call scam or government impersonation, they all attempt to scare you by claiming that something is seriously wrong with you or your devices and that only they can fix it. The latest sextortion scams targeting many in the U.S. are no exception.
These bad actors contact you via email, claiming to have compromising photos or videos of you in private situations, and demand money to delete them. What’s new is that these scammers now include images of your home to make their threats seem more convincing.
I’ve received emails from many people sharing how these scammers targeted them. Below is a breakdown of the evolved sextortion scam and tips on how to stay protected.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Illustration of a scammer at work (Kurt "CyberGuy" Knutsson)
How the scam works
It starts when you get an email from a scammer claiming they recorded you while you were watching adult content. They use your name and include a photo of your house or a nearby street to make it seem real.
The scammer claims to have installed a spyware called “Pegasus” on your phone and has access to everything you watch. Pegasus is a spyware developed by NSO Group, a company that sells it only to government agencies and law enforcement.
It’s super expensive and highly unlikely that a random scammer would have access to it. Even if they did, stalking people watching adult content wouldn’t be worth their time. Plus, if they have installed the spyware on your phone, they won’t need to ask you to send money.
Once the scammer has you scared, they offer to delete the so-called footage and pretend you never existed if you pay them. They usually include a QR code for a cryptocurrency wallet and ask for Bitcoin as payment. One email I saw from a victim mentioned a ransom of about $2,000.
I’ve attached a portion of the email the victim got below. I’ve blurred out any personal info to protect their identity, but you can still check out the text.
Actual sextortion scam email (Kurt "CyberGuy" Knutsson)
HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS
How do scammers know your location?
The image of your home might make the scam look real, but it’s probably just a trick. One possible reason they have that info is a data breach. Your address might have been leaked in a breach and ended up on the dark web. Scammers could have gotten hold of it and used Google Maps to find a picture of your house. Another reason could be that you put up a listing for something online, like a rental or sale ad. If you’ve shared your address publicly in an online listing, scammers might have found it that way.
Google Maps vehicle that captures images (Kurt "CyberGuy" Knutsson)
MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS
Protect your privacy: Blur your house on Google Maps
Google Maps is how they get access to images of your house. But you can blur your house on the platform and prevent scammers from fearmongering. You’ll need to do this from a computer since the blurring feature isn’t available in the Google Maps app on iOS or Android. Follow these steps to learn how:
- Go to maps.google.com and type your home address into the search bar at the top-right.
- Click on the photo of your house that shows up.
- You’ll see a Street View image of your place. Click Report a Problem in the bottom-right corner.
- Adjust the view so that your home and anything else you want to blur is inside the red and black box using your mouse.
- Select the option to blur your home from the choices given.
- Hit Submit, and Google will review your request and blur your house if they think it’s necessary.
Google Map-blurred home (Kurt "CyberGuy" Knutsson)
4 additional steps to stay protected from sextortion scams
Here are four additional steps you can take to stay protected from sextortion scams:
1) Be cautious with personal information: Avoid sharing personal information like your address, phone number or other sensitive details online. Be mindful of what you post on social media and other platforms.
2) Watch out for red flags: Scammers are mostly bluffing. For instance, the Pegasus software they claim to be using is a lie. Stay informed about common scams and how they work. Knowing what to look out for can help you recognize and avoid potential threats.
3) Change passwords: If the email includes a password, make sure you are not using it anymore, and if you are, change it as soon as possible. ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc.
You should do this on another device to ensure that if the scammer actually has access to your device, they aren’t recording you setting up your new password. And you should also use strong and unique passwords that are hard to guess or crack. You can also use a password manager to generate and store your passwords securely. Changing passwords should be a part of your general cybersecurity hygiene, even if you’re not affected by a data breach.
4) Use personal data removal services: Consider investing in personal data removal services that specialize in continuously monitoring and removing your personal information from various online databases and websites.
I mentioned above that scammers most likely got access to your address through a data breach. A data removal service can help you remove all this personal information from the internet. Check out my top picks for data removal services here.
WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
Kurt’s key takeaway
Scammers use fear and deception to trick you into giving up your hard-earned money. By understanding how these sextortion scams work and knowing what to look out for, you can better protect yourself from falling victim. Remember, most of these scammers are bluffing and rely on exploiting your fears. Keep your personal information secure, be cautious about what you share online and always verify the legitimacy of any threatening messages you receive. If you encounter a scam, report it to the appropriate authorities and take steps to secure your accounts and devices.
Have you ever encountered a similar scam or any other type of scam? How did you handle it? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
- YouTube
Answers to the most asked CyberGuy questions:
- What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?
- What is the best way to stay private, secure and anonymous while browsing the web?
- How can I get rid of robocalls with apps and data removal services?
- How do I remove my private data from the internet?
New from Kurt:
- Try CyberGuy’s new games (crosswords, word searches, trivia and more!)
Copyright 2024 CyberGuy.com. All rights reserved.