This is generally known either as a “webcam blackmail”, “sextortion scam” or a “scam email”. They are structured to be more intrusive in nature and most would share the following similar feature on their subject line :
These features can sometimes get personal with the user and they will, in favor of the attacker, become intimidated and even give in to their demands. Demands such as payments in Bitcoin(BTC) through a BTC address will be included in the end of the mail and it will not be possible to track it back to the sender. For reference, please have a look on the following image to have an idea of how the scam looks like :
As the cost of sending millions of blackmail emails like the one above are basically zero, a few payments made by unfortunate victims are easy profits and will encourage the attackers to continue on. This in turn, will lead to the rise of blackmail scams appearing in our emails.
1. The first step is to always stay calm and not be frightened by just an email.
2. If you've opened it, do not read the contents as they're pointless anyways.
→ If you did read it out of curiosity, you may notice a Bitcoin address in the lower section or any fishy path leading to payment gateway. Never click on any links in inside the email and do not pay a single cent of ransom money to them.
3. Proceed on with blocking the email address by referring to : steps to blacklist an email address on webmail to block the sender from sending any emails to you in the future.
4. Following on by deleting the same email referring to the image below :
5. Do remember to make it a habit to change your password occasionally after facing blackmails like these, to ensure the security of your account. A few steps that only takes around 1-2 minutes.
6. Finally, perform an anti-virus scan on your PC to make sure nothing malicious gets past you.
Side note : Always make it a habit to run anti-virus programs at least once a week to make sure that your PC is safe from any threats.
To make the threat mails more credible and effective, scammers have moved on to include the “latest” or mostly “old” passwords that the victims may have used at one point. The whole point of using it is to make sure their message gets personal with their victim, and more importantly, intimidate those who lacks awareness on this issue. A typical tech fluent individual today, would easily ignore mails like these but the rest of the population, with lesser exposure to issues like this may get shocked and would probably give in to the demands of the scammer.
These passwords can be easily obtained from sites that were hacked. For this case, the password that appears on the subject line could be leaked from another web service/server that has been compromised. That same password could've likely been matched up to a database of emails & stolen passwords and got sent out to scam millions of users across the globe. That is, if the user has frequently signed up on other services using the very same password. To check if your email or password was compromised in a data breach please visit the following links :
Side note : Kindly refer to our guide to better secure your VO account from any threats at How To Protect VO Accounts