You’ve probably come across an online sextortion scam before.
An email pops up in your inbox, claiming that the sender has obtained indecent photos or videos of you, including nudes or sex tapes. The sender offers to keep the contents private if you pay a fee, but then threatens to make the photos public and send them to your friends and loved ones if you don’t comply.
Scammers are using photos of your home to amplify sextortion threats
Despite its popularity, scammers continue to use this model across the web and it remains a successful tactic, but its effectiveness may be starting to wane as new and improved sextortion scams begin to take hold.
This latest version of the sextortion scam has a whole new twist: proof that your spouse is cheating. In the scam, victims even use their real names.
Sexual blackmail scam against an affair partner
The first public mention of this new sextortion scam was in Reddit Just last month.
Reddit user Extension-Bunch9277 posted a screenshot of the email he received on the r/Scams subreddit. In the email (addressed to Extension-Bunch9277’s partner), the scammer uses the Reddit user’s real name at the beginning of the email, and then their spouse’s real name. The Reddit user explained that the scammer even included a second last name that they “rarely use.”
Mashable Lightspeed
The email claims to have evidence that the recipient’s spouse is cheating, and offers to give the user full access to this supposed evidence at a linked website. The Reddit user did not click on the link, but a user who replied a few days later posted that they did. The sender’s email appears to be spoofing an email address for 3Bigs, a legitimate healthcare data company.
In the comments on the Reddit post, other Reddit users have reported receiving similar emails recently, including some who were recently married. Users report that the scammers were able to access not only the name they publicly use, but also their maiden name.
The Reddit post was first noticed by cybersecurity news outlets. Bleeping Computer.
This is clearly a scam, a modern version of the classic sexting blackmail scheme mentioned above. However, it’s not clear how this particular version of the scam plays out when users are duped. Reddit users who said they clicked on the link reported being taken to a website’s login page, where they could not proceed further. The scam could include demanding payment to receive supposed data. It’s also possible that the link leads to a download for the target, which will inevitably install malware on their computer.
In the thread, several Reddit users shared that they had recently used wedding planning platform The Knot, but it’s unclear if there’s any connection between the service and the scam. It’s also possible that scammers are using public background check websites to get this information. Last month, Mashable reported that a background check company had suffered a major data breach. National DataSensitive data of 2.9 billion people was leaked.
Earlier this week, Mashable reported on a new sextortion scam, first reported by 404 Media, which uses images of a target’s home address, potentially obtained from services like Google Maps, to blackmail them into paying a financial ransom.
Mashable readers who received these scam emails do not have Click the link in the message.
