Scammers are sending sextortion emails like the one below. They say they have been spying on your computer activities and have photos of you viewing intimate content. Then, the scammer says they will release the footage to your contacts unless you pay them a fee of at least $800.
What should you do if you receive sextortion emails?
- Ignore and delete the emails. These emails are sent to thousands of people, regardless of whether they’ve been looking at illicit content or not. The scammers use login information stolen from breached websites and then mail merge the data into email templates.
- Do not reply to the email, as it might encourage additional attacks.
- Continue to watch out for phishing email signs, including spoofed email addresses, misspelled words, and incorrect grammar.
- Run an anti-virus scan with two software programs, such as Trend Micro and Malwarebytes, as a precaution.
- Ask your IT provider to create gateway filters to block terms commonly used in sextortion emails.
- Enter your email address into haveibeenpwned.com to see if any online accounts have been breached. If the tool pulls up any results, change your passwords for those sites. If you used those passwords on different websites, you’ll need to update that information also.
- Check if your email or domain is on the sextortion target list by going to cofense.com/sextortion/ website. Continue to check your domains on this website periodically.
- Use different passwords for each online account. The passwords should be complex with a mixture of uppercase and lower-case letters, numbers, and symbols. These passwords can be stored in a password manager, such as Dashlane or LastPass.
- Use multi-factor authentication on your email accounts. You can have a one-time code sent to your phone every time you log into your account. Our technicians can assist with this task.
- Submit a request to our help desk at email@example.com or 877-794-3811 if you have questions about any suspicious-looking emails.
- Ask us about getting additional protection of your systems with our Security as a Service. Our packages include web security, email security, web monitoring, enterprise anti-virus/anti-malware protection, ransomware protection, and intrusion management. More details are here.