Extortion Scam – a phishing email campaign used for blackmailing users to make them pay ransom in Bitcoin

Extortion Scam is scam email campaign that is used to blackmail victims into paying money. While it is unclear how many separate scammers are involved in the scam, there are hundreds of variants floating around the internet. While the text of the email might differ slightly, the content remains the same.
Typically, bad actors claim that users' machine has been hacked and the malware has been injected into their system. Allegedly, victims were recorded via the web camera while they were visiting porn sites. Extortion Scam then proceeds with a demand of a ransom to be paid into the specified Bitcoin wallet for the attackers not to reveal the leaked photos/videos to victims' relatives and friends.
What makes these type of scams believable is that they usually include a user's password or/and the name in the Subject line of the email, making users panic and believe that the email is genuine. If you encountered extortion scam yourself, never give in to demands of email authors, as they acquired your personal information through dark web hacking portals, and your computer is most likely malware-free.
| Summary | |
| Name | Extortion Scam |
| Goal | Blackmail users into paying money in Bitcoin |
| Claims | Bad actors try to scare users into believing that their system has been hacked and controversial photos/videos taken |
| Versions |
|
| Next steps | Ignore the email, report it to the appropriate authorities and change all your passwords |
| Additional precautions | Scan your machine with security software such as SpyHunterCombo Cleaner or MalwarebytesMalwarebytes. In case you noticed that your machine is experiencing lag, errors, crashes, or other post-infection issues, we recommend using FortectIntego |
The password or other personal information that is included inside the Extortion Scam provides the feeling of it being real, and many people fall for it. How do crooks know this information? It is relatively simple, and they are not sophisticated hackers who create complex malware to do all the things they claim they do.
Extortion Scam authors simply use information that was leaked in data breaches – they happen every day. Whether it is a large organization, a small online shop or e-commerce website,[1] all the information leaked from these sites end up on the Dark Web.[2] Surprisingly, email addresses and names are relatively cheap, so anybody can buy as much data as they need.
The data sold might be old, so that is why users often see an old password in the Extortion Scam emails. However, criminals are quick to elaborate on the issue, claiming that the alleged malware that is installed on the system is capable of reading all passwords, regardless if it has been changed or not. For example:
Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.
Another reason why Extortion Scam works is that it affects a sensitive topic – the one that people usually want to keep private, and crooks are threatening to disclose these images to users' relatives, friends and social media platforms. Therefore, many users are simply too ashamed and pay the demanded money which can reach $7,000.[3]
In some cases, Extortion Scam email asks users to transfer the money within a certain amount of time (e.g., two days), or all of the leaked photos will be exposed and device locked. Basically, extortionists are trying to use all possible scare tactics in order to make terrified victims pay.
Extortion Scams (sextortion) have been around for many years, but previously mainly focused on extorting nude videos or pictures and then blackmailing them into disclosing those. However, the model of such blackmailing changed completely, and bad actors now focus on receiving a large amount of money.
The FBI reported[4] that in July 2018 alone, the amount of Extortion Scam reports increased by 13,000 comparing it to previous months. Additionally, there are thousands of unreported occurrences, so the scale of the operation is large, and can involve organized crime members.
You should remove Extortion Scam message from your inbox immediately and ignore everything that is written inside the email. Change your passwords and scan your PC with security software. In case an infection was present, eliminate it and then use FortectIntego to fix virus damage and bring your machine to a working state.
Different variants of Extortion Scams do not change the primary goal
Bitcoin blackmail email 2020 scam
In the wake of the coronavirus epidemic, many people were forced to work from home – they either connect to the management programs or used remote connections (RDP, for example) to perform daily tasks. Students and kids were also forced to stay home due to the pandemic.

Those who usually went out for a coffee on a daily basis or frequently visited the cinema were also forced to seek entertainment at home. As a result, internet traffic increased dramatically, as Netflix, Facebook, and many other websites saw a significant rise in visitors and new subscriptions. Unfortunately, cybercriminals knew such tendencies very well and saw an opportunity to cash up quickly.
In April, the Federal Trade Commission issued another warning[5] about a new wave of Bitcoin blackmail email 2020 scam. The FTC claimed that the reports spiked significantly, although this number is relatively skewed – most of the people who receive potentially embarrassing messages like Bitcoin blackmail email 2020 do not contact the authorities due to the nature of the message.
Just like with other types of fraud, Bitcoin blackmail email 2020 scam authors attempt to exploit people's minds by using sensitive subjects. The claims of malware infection, hacking, disclosure of the personal password, and sensitive footage leakage are just a few of many traits that might make users give in to the scam and pay up.
You should never pay attention to such unsolicited claims that are stated in the Bitcoin blackmail email 2020 scam, as you will most certainly lose money for nothing. Attackers do not have any information or video footage about you – they got your password from the hacking forums, and this is all just a scheme to extort money from innocent users.
I have bad news for you email scam
This variant of the extortion scam provides a date when victims' computer was allegedly infected with malware via the vulnerability[6] in the router. Cybercriminal then proceeds with explaining how the “infection” compromised the whole operating system of the victim.
According to the scam email, the hacker initially wanted to lock up the device in order to ask for a small amount of money. But instead, he or she checked websites that the victim regularly visits and decided to go with the blackmailing tactic instead.
I have bad news for you Email Scam then asks users to pay $813 into a specified Bitcoin wallet to keep the pictures away from relatives, friends, and colleagues. You should under no circumstances try to contact cybercriminals, as you will end up being scammed.

I am a spyware software developer email scam
As the title says, this scam claims that the originator of the email is a software developer. He or she claims that the victim visited a dangerous website and disclosed the email password. Hacker then explains that malware has been inserted into the operating system, and changing the password will not help.
Bad actor asks for $900 in order to keep the supposedly taken pictures away from relatives and friends. As usual, human emotions and shame feelings are exploited, ensuring that some users will fall for the trick.
I am a spyware software developer email scam is full of red flags when it comes to its legitimacy. Users who understand how viruses work would know that the scenario explained by the email author is not possible, as even malware cannot be transferred to victims' machine via the email unless they open attachments or click on malicious links.
Thus, I am a spyware software developer email is another hoax, trying to pretend that the threat is real.
I'm a programmer who cracked your email scam
This fraudulent message is almost identical to I am a spyware software developer email scam with the subject line “Security Alert. Your account has been hacked” or “Email is compromised. Password must be changed”. It also claims that the email author was a skilled programmer who injected a malicious code onto the operating system. Victims are asked to pay $870 into a specified Bitcoin wallet.
Bad actors are trying to shame the victim by stating the following:
But I was struck by the sites of intimate content that you very often visit. I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!
The fake email is littered with grammar and spelling mistakes, so it only brings a conclusion that the author is probably not from an English-speaking country. Nevertheless, please remove I'm a programmer who cracked your email scam from your inbox and change all your passwords. Also, scan your PC for malware.
Porn Blackmail virus
Porn Blackmail virus is one of the Extortion Scam variants. The purpose of the scam is the same – to make users pay a ransom of up to $7,000 in Bitcoin. Scammers include the password of the target in the Subject line, which might be terrifying to most of the people who receive such an email in their Inbox.
The difference between Porn Blackmail virus and previous versions is that it claims that the user visited a porn website which was infected with malware. Allegedly, using a Remote Desktop, they managed to gain remote access to the PC, hack the camera, and film the controversial video of the victim.
The crooks promise to delete all the videos they obtained if the payment in Bitcoin would be transferred into a specific wallet. Also, they threaten to expose the video if the ransom is not paid within a day and highly discourage users from going to the police.
As usual, ignore cybercriminals and do not get tricked by Porn Blackmail virus. Scan your PC with anti-malware software just to be sure, and use the safety precautions we advised in this article below.

Phishing emails have been around for a long time: learn how to recognize them
Cybercriminals often use social engineering to trick their victims, so it comes as no surprise that phishing emails are one of the most widely spread scam methods around. In most cases, spam and phishing emails are used to deliver malware payloads, such as ransomware or banking trojans. However, some criminals use a more direct approach, trying to lie about the infection itself which does not actually exist.
Unfortunately, not many users are IT savvy and do not know how viruses work, or anything about their infiltration tactics. For such reasons, there are thousands of people who fall for the trick, cleverly engineered by cybercriminals. Here are some tips by experts on how to avoid scams:
- Do not panic when you receive a threatening email;
- Read through it carefully; even if your password or name is mentioned, it does not mean your PC is infected with malware;
- If you are not sure, scan your computer with comprehensive anti-malware tools;
- Copy and paste first line of the scam message and search for it online – there will be plenty hints that it is a scam;
If you received a scam email, report it to the appropriate bodies in your area and change your passwords.
Get rid of Extortion Scam email without contacting crooks
After receiving a scam message, you should make sure that your system is not compromised. We suggest using FortectIntego, SpyHunterCombo Cleaner or MalwarebytesMalwarebytes (Safe Mode with Networking is the best environment to do so) for Extortion Scam virus removal. If no malware is present on your computer, you should immediately change your passwords on your accounts, and report the incident.
As soon as that is done, you can safely remove Extortion Scam email from your Inbox with no consequences whatsoever. Remember, all the personal information disclosed in the email was acquired from a data breach, so as long as your passwords are updated, you should be safe.
Was this guide helpful?
Be the first to comment