Classic Sextortion Scam

Updated on Star Wars Day 2022

Yes, I know, it's an awkward email scam description and is often very successful, especially if the recipient has indeed been visiting what we might call inappropriate web sites.  This type of scam may also be described as an "I know what you have been doing" scam!

The fundamental premise here is that the email is a pack of lies designed to alarm you into taking action which you would otherwise never take in the cool light of day.  It's just not true and you could easily simply mark the email as spam, or delete it, or both, and move on.

If you are concerned in any way, simply switch your computer/device off and call someone you know personally for a second opinion.  Or bring your computer/device into Lincoln Computer Centre and we can confirm there is actually no problem as described in the email.  Or we could remotely access your computer (ironic much?) and check it out.  Call us on 08 8682 1666 if you are concerned.

So let's break it down...

From: d21db0355@htmlapp.com

First up the email has a dodgy sender email address so with a bit of luck your spam filter will already have knocked out this type of email.

htmlapp.com is actually a registered domain name but it's not in use and the link will take you to a website which will sell you the domain for USD$5000 which seems a bit dodgy as well!

Hello!

A bright and cheerful greeting for sure, but that does not last very long....

Unfortunately, I have some unpleasant news for you.

Oh dear, what happened to cheerful?

Roughly several months ago I have managed to get a complete access to all devices that you use to browse internet.

Seems unlikely, one device maybe, but all of them?

Afterwards, I have proceeded with monitoring all internet activities of yours.

Also unlikely but it is fair to say that one's email can be compromised and there is then indeed a possibility of monitoring emails.  To monitor all internet activities you would need to have remote access software installed, again unlikely, but possible.

You can check out the sequence of events summarize below: 

Previously I have bought from hackers a special access to various email accounts (currently, it is rather a straightforward thing that can be done online).

We know that from time to time, huge databases of email addresses, and sometimes passwords, are compromised, so this is not impossible.  If you browse to haveibeenpwned.com you can see that this is a thing.  Don't be alarmed, it's not as bad as it looks, but it is a thing.

Clearly, I could effortlessly log in to your email account as well (lcc@reply.repairshopr.com).

Actually, they cannot, because this email address is generated by our service management system and is not a mailbox that anyone could log in to.  The takeaway here is that all email addresses become public one way or another, even without compromised databases.  What the scammer wants you to think is "oh my gosh, they know my email address!"  This particular email came through our service management system, not to our regular mailbox.  Sometimes they will even include a password which could be an old password, or it could be very close to your current password.  Either way, it is a good opportunity to change your email password immediately, just for your own peace of mind.

One week after that, I proceeded with installing a Trojan virus in Operating Systems of all your devices, which are used by you to login to your email.

They are reinforcing the point that they have control of your computer, which they do not!

Actually, that was rather a simple thing to do (because you have opened a few links from your inbox emails previously).

This is actually believable, because most email compromises come from people clicking on links which are fake and then giving up their email credentials to the scammer.

Genius is in simplicity. ( ~_^)

Evil genius at best....

Thanks to that software I can get access to all controllers inside your devices (such as your video camera, microphone, keyboard etc.).

Again, reinforcing the remote access theme: if a scammer did have remote access to your computer then all of this is possible.  You can see that the email gradually draws you in to believing it's true.

I could easily download all your data, photos, web browsing history and other information to my servers.

Also feasible, if they have remote access to your computer.

I can access all your social networks accounts, messengers, emails, including chat history as well as contacts list.

Some of this might be possible if they have remote access to your computer.

This virus of mine unceasingly keeps refreshing its signatures (since it is controlled by a driver), and as result stays unnoticed by antivirus software.

There is no virus (that is a bit old school) but there could be malware involved if the email was true, where your internet security software has a better than even chance of detecting and blocking it.  

Hereby, I believe by this time it is already clear for you why I was never detected until I sent this letter...

He was never detected because it never happened!

While compiling all the information related to you, I have also found out that you are a true fan and frequent visitor of adult websites.

Now we get to the crux of the scam!

You truly enjoy browsing through porn websites, while watching arousing videos and experiencing an unimaginable satisfaction.

To be honest, I could not resist but to record some of your kinky solo sessions and compiled them in several videos, which demonstrate you masturbating and cumming in the end.

Well, that's all a bit salacious!  And it's a bit personal.  And quite rude.  But you can see what the scammer is trying to do here: this email might be considered to be a bit embarrassing, even more so if the allegation is actually true (!), and the idea is that the target of the scam does not want anyone to know about their nefarious deeds.

If you still don't trust me, all it takes me is several mouse clicks to distribute all those videos with your colleagues, friends and even relatives.

So now the scammer piles on.  Nobody wants their friends and relatives knowing about these activities, even if they are fake!

In addition, I can upload them online for entire public to access.

Well, that's a bit harsh.  The scammer might otherwise have you convinced and now they are just overplaying it.

I truly believe, you absolutely don't want such things to occur, bearing in mind the kinky stuff exposed in those videos that you usually watch, (you definitely understand what I am trying to say) it will result in a complete disaster for you.

Yep, it's a pile on!

We can still resolve it in the following manner:

Oh good, a solution.....

You perform a transfer of $1590 USD to me (a bitcoin equivalent based on the exchange rate during the funds transfer), so after I receive the transfer, I will straight away remove all those lecherous videos without hesitation.

Yeah right.  The payment is a bit precise, I guess that makes it seem more legit?  

Then we can pretend like it has never happened before. In addition, I assure that all the harmful software will be deactivated and removed from all devices of yours. Don't worry, I am a man of my word.

Given that the scammer is pretending as well, this seems like a fair deal.  And you can trust him of course, despite all the preceding threats!

It is really a good deal with a considerably low the price, bearing in mind that I was monitoring your profile as well as traffic over an extended period.

What is a reasonable price for protecting one's reputation?  I guess AUD two grand is pretty cheap when you look at the apparent consequences of not paying.

If you still unaware about the purchase and transfer process of bitcoins - all you can do is find the necessary information online.

A link would be handy.  Who pays using Bitcoin anyway?

My bitcoin wallet is as follows: 1MW4maqRuqi62YiRNMaBiHT65WJJMEAvQw

The irony here is that this looks dodgy.  I guess it is a real Bitcoin wallet but who would know?

You are left with 48 hours and the countdown starts right after you open this email (2 days to be specific).

Good luck if you don't notice the email for a few days, or if it went to spam and you never saw it!  You won't see a second email because they don't actually know who you are!  Nothing will happen after 48 hours.

Don't forget to keep in mind and abstain from doing the following:

Oh good, a checklist

> Do not attempt to reply my email (this email was generated in your inbox together with the return address).

Not true

> Do not attempt to call police as well as other security services. Moreover, don't even think of sharing it with your friends. If I get to know about it (based on my skills, that would be very easy, since that I have all your systems under my control and constant monitoring) - your dirty video will become public without delay. 

Don't tell anyone lol, I guess if you believe the scammer does have complete control over everything you do, you might be in trouble, but they are hardly going to know if you get into your car and drive down to the police station! 

> Don't attempt searching for me - it is completely useless. Cryptocurrency transactions always remain anonymous.

Agreed, and even if you paid via Bitcoin, the scammer would not know it was from you!

> Don't attempt reinstalling the OS of your devices or even getting rid of them. It is meaningless too, because all your private videos are already been available on remote servers.

Actually, re-installing your operating system from scratch would remove the scammer, if he really was there in the first place, which he was not.

Things you should be concerned about:

*not concerned about

> That I will not receive the funds transfer you make.

That's definitely true, you are not going to send him any money

Relax, I will be able to track it immediately, after you complete the funds transfer, because I unceasingly monitor all activities that you do (trojan virus of mine can control remotely all processes, same as TeamViewer).

Relax? How could I?  The scammer is threatening to ruin my life!

> That I will still distribute your videos after you have sent the money to me. 

Well der!  Any decent scammer who did have all of the videos would simply come back to you for more money if you paid them the first time.  I think they get their ideas from old movies involving hostages...

Believe me, it is pointless for me to proceed with troubling you after that. Besides that, if that really was my intention, it would happen long time ago! 

No it wouldn't have, it did not even happen this time!

It all will be settled on fair conditions and terms!

Fair?? The entire premise of the email is unfair!

One last advice from me... Moving forward make sure you don't get involved in such type of incidents again!

What, no more porn? Ever??

My suggestion - make sure you change all your passwords as often as possible.

This is actually superb advice.  Not too often though, that becomes unworkable, but also add two-step (aka two-factor or multi-factor) authentication to doubly protect your email from being compromised.  It can happen, but not like this scammer has suggested!

Greg Williams 4 May 2022
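
For anyone who runs a mail filter, the tell-tale signs picked apart above can be checked mechanically. The following is an added example, not part of the original post: it flags a message body that combines a device-compromise claim, a Bitcoin payment demand, a deadline and a "don't call the police" instruction, and it checks whether any quoted wallet string is a well-formed Base58Check address (which says nothing about who controls it). The indicator names, patterns and quarantine threshold are assumptions made for illustration.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def is_base58check_address(addr):
    """True if addr is a 25-byte Base58Check payload with a matching checksum."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    zeros = len(addr) - len(addr.lstrip("1"))  # each leading '1' encodes a zero byte
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        return False
    checksum = hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()[:4]
    return checksum == raw[-4:]

# Hypothetical indicator names and patterns, chosen from the phrases in this email.
INDICATORS = {
    "claims_device_compromise": re.compile(r"trojan|remote access", re.I),
    "crypto_payment_demand": re.compile(r"\$\s?\d[\d,]*.{0,60}?bitcoin", re.I | re.S),
    "deadline": re.compile(r"\b\d+\s*hours\b", re.I),
    "secrecy_demand": re.compile(r"do not attempt to (call|contact) police", re.I),
}
ADDRESS = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

def sextortion_indicators(body):
    """Return the names of the indicators found in an email body."""
    hits = [name for name, rx in INDICATORS.items() if rx.search(body)]
    if any(is_base58check_address(a) for a in ADDRESS.findall(body)):
        hits.append("well_formed_btc_address")
    return hits

# Sample input: lines abridged from the email quoted on this page.
SAMPLE = """\
I proceeded with installing a Trojan virus in Operating Systems of all your devices.
You perform a transfer of $1590 USD to me (a bitcoin equivalent).
My bitcoin wallet is as follows: 1MW4maqRuqi62YiRNMaBiHT65WJJMEAvQw
You are left with 48 hours and the countdown starts right after you open this email.
Do not attempt to call police as well as other security services.
"""

if __name__ == "__main__":
    found = sextortion_indicators(SAMPLE)
    print(found)
    print("quarantine" if len(found) >= 3 else "deliver")
```

No single indicator means much on its own; it is the combination of several in one message that marks this template.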