William & Mary
Close menu Resources for... William & Mary
Popular Topics
Suggested Results
News Events
Apply Visit Request Info
W&M menu close William & Mary
Information Technology
Services

Extortion

Extortion is a strategy which often utilizes blackmailing to pressure a target into engaging in a certain behavior or action.

Sextortion

One type of email extortion is known as sextortion, which is when someone threatens to distribute private or sensitive material of a target unless the target provides the hacker with images of a sexual nature, sexual favors, or money. Targets of sextortion receive an email claiming that their webcam and audio have been compromised and that sensitive material was recorded. The sextortionist threatens to forward the sensitive material to the target's contact list unless the target submits a Bitcoin payment. Although fake, these emails incorporate a variety of tactics to create a sense of legitimacy. Such tactics include making it seem that the email originated from the target’s email address, that the blackmailer has access to a real password the target has used in the past (which was likely collected in a previous data breach), or other personally identifiable information which can be gathered through an Internet search.

Example of Sextortion

Sent: Monday, October 8, 2018 8:33 AM

Lets get right to purpose. No one has paid me to investigate about you. You don't know me and you're probably thinking why you are getting this email?

Let me tell you, i actually setup a software on the adult vids website and do you know what, you visited this website to experience fun (you know what i mean). While you were watching video clips, your browser initiated functioning as a Remote control Desktop having a keylogger which provided me accessibility to your screen and also webcam. Right after that, my software program obtained your entire contacts from your Messenger, Facebook, and email account. Next i made a double video. 1st part shows the video you were viewing (you have a good taste : )), and second part shows the view of your web camera, & it is u.

You will have a pair of options. We should check out these possibilities in particulars:

Very first choice is to ignore this e-mail. Then, i am going to send your very own video recording to each of your your contacts and thus just consider regarding the disgrace you will see. and definitely if you are in an affair, just how it will affect?

other alternative would be to pay me 3000 USD. Let us describe it as a donation. in this instance, i most certainly will right away erase your video. You will keep going on your way of life like this never happened and you never will hear back again from me.

You will make the payment through Bitcoin (if you don't know this, search 'how to buy bitcoin' in Google).

if you have been thinking about going to the cop, very well, this email message can not be traced back to me. I have dealt with my moves. i am just not trying to charge a fee a lot, i simply prefer to be paid for. You have 48 hours to make the payment. i have a special pixel within this email message, and right now i know that you have read through this e mail. if i don't get the BitCoins, i definitely will send your video to all of your contacts including members of your family, co-workers, and so forth. Nevertheless, if i do get paid, i will destroy the recording immediately. it is a non-negotiable offer that being said please do not waste my personal time and yours by replying to this message. if you want to have proof, reply Yea! then i will certainly send out your video recording to your 10 contacts.
Job/Tutor/Coach Scam 

Another form of extortion is an email about a job, a request for a tutor or a coach. These emails target people interested in work-at-home jobs. Students are a particularly vulnerable audience to such scams which are convincing due to their prospects of “easy money.” One common type of scam job is craft assembly, where the target is told to buy a kit to construct and then “sell”; however, the craft never meets “specifications” and the target is left with a useless craft they paid for. Other common email job scams include calling 1-900 numbers, which always cost money to dial, as well as email processing. In the case of email processing, targets are recruited to perpetuate the scam onto others.

Example of Job Scam

Sent: Thursday, July 6, 2017 7:04 PM

Subject: Regarding Your Resume

Hello,

We received your resume from your Career Network/School Job Placement Dept. that you are job hunting. We currently have some positions available. Reply us if you're still job hunting. Detailed job descriptions will be emailed to you when we receive your response.

Kind Regard
Messages Communicating Urgency

Similar to phishing, some scam emails will impersonate a person of importance to the William & Mary community and send messages indicating a sense of urgency to the target. Such messages have impersonated the William & Mary Provost, the President, and other officials. These scams claim that a person of importance needs assistance, is looking for someone, or a variety of other reasons which may require an urgent response.

Example of Urgent Email Scams

From: President Katherine Rowe <katherinerowe32@gmail.com>

Sent: Tuesday, September 25, 2018 3:14 PM

Subject: Follow up

Are you available?
What You Can Do

In order to avoid being a victim of a extortion, and sextortion in particular, avoid sending compromising images, do not open unknown attachments, and turn off or cover webcams when they are not in use. Although these scams seem believable, do not blindly trust the display name and report the issue.

For job scam emails, check whether the business offering the job is real by looking for an official name associated with the email, a number to call, or an address besides a PO Box. If you decide to trust the email, use your credit card so as to be able to dispute the charges, but remember, you should not have to pay to work.

Above all, never reply to spam. In order to avoid such scams, always check the originating email address for legitimacy, and do not respond to any emails from spam. For example, official William & Mary emails do not originate from gmail.com addresses.

Forward suspicious emails to [[abuse]] to alert the W&M IT security team of any potentially concerning emails. 


Questions? Contact the Technology Support Center (TSC)
757-221-4357 (HELP) | [[support]] | Jones 201, Monday - Friday, 8:00 am - 5:00 pm