Severity scale:  
  (90/100)

Extortion Scam. How to remove? (Uninstall guide)

removal by Julie Splinters - - | Type: Spam tools

Extortion Scam – a phishing email campaign used for blackmailing users to make them pay ransom in Bitcoin

Extortion Scam
Extortion Scam is an email campaign that seeks to blackmail users in to paying money

Extortion Scam is a term used to describe spam emails that are used to blackmail victims into paying money. While it is unclear how many separate scammers are involved in the campaign, there are hundreds of variants floating around the internet. The messages might differ slightly, however, the content remains the same. Typically, bad actors claim that users' machine has been hacked and the malware has been injected into their system. Allegedly, victims were recorded via the web camera while they were visiting porn sites. Extortion Scam then proceeds with a demand of a ransom to be paid into the specified Bitcoin wallet for the attackers not to reveal the leaked photos/videos to victims' relatives and friends. What makes these type of scams believable is that they usually include a user's password or/and the name in the Subject line of the email, making users panic and believe that the email is genuine.

Summary
Name Extortion Scam
Goal Blackmail users into paying money in Bitcoin
Claims Bad actors try to scare users into believing that their system has been hacked and controversial photos/videos taken
Versions
  • I have bad news for you email scam
  • I am a spyware software developer email scam
  • I'm a programmer who cracked your email scam
  • Porn Blackmail virus
What to do next? Ignore the email, report it to the appropriate authorities and change all your passwords
Additional precautions Scan your machine with security software and then use Reimage in case a virus is found

The password or other personal information that is included inside the Extortion Scam provides the feeling of it being real, and many people fall for it. How do crooks know this information? It is relatively simple, and they are not sophisticated hackers who create complex malware to do all the things they claim they do.

Extortion Scam authors simply use information that was leaked in data breaches – they happen every day. Whether it is a large organization, a small online shop or e-commerce website,[1] all the information leaked from these sites end up on the Dark Web.[2] Surprisingly, email addresses and names are relatively cheap, so anybody can buy as much data as they need.

The data sold might be old, so that is why users often see an old password in the Extortion Scam emails. However, criminals are quick to elaborate on the issue, claiming that the alleged malware that is installed on the system is capable of reading all passwords, regardless if it has been changed or not. For example:

Of course you can will change your password, or already made it. But it doesn't matter, my rat software update it every time.

Another reason why Extortion Scam works is that it affects a sensitive topic – the one that people usually want to keep private, and crooks are threatening to disclose these images to users' relatives, friends and social media platforms. Therefore, many users are simply too ashamed and pay the demanded money which can reach $7,000.[3]

In some cases, Extortion Scam email asks users to transfer the money within a certain amount of time (e.g., two days), or all of the leaked photos will be exposed and device locked. Basically, extortionists are trying to use all possible scare tactics in order to make terrified victims pay.

Extortion Scams (sextortion) have been around for many years, but previously mainly focused on extorting nude videos or pictures and then blackmailing them into disclosing those. However, the model of such blackmailing changed completely, and bad actors now focus on receiving a large amount of money.

The FBI reported[4] that in July 2018 alone, the amount of Extortion Scam reports increased by 13,000 comparing it to previous months. Additionally, there are thousands of unreported occurrences, so the scale of the operation is large, and can involve organized crime members.

You should remove Extortion Scam message from your inbox immediately and ignore everything that is written inside the email. Change your passwords and scan your PC with security software. In case an infection was present, eliminate it and then use Reimage to fix virus damage and bring your machine to a working state.

Different variants of Extortion Scams do not change the primary goal

I have bad news for you email scam

This variant of the extortion scam provides a date when victims' computer was allegedly infected with malware via the vulnerability[5] in the router. Cybercriminal then proceeds with explaining how the “infection” compromised the whole operating system of the victim.

According to the scam email, the hacker initially wanted to lock up the device in order to ask for a small amount of money. But instead, he or she checked websites that the victim regularly visits and decided to go with the blackmailing tactic instead. 

I have bad news for you Email Scam then asks users to pay $813 into a specified Bitcoin wallet to keep the pictures away from relatives, friends, and colleagues. You should under no circumstances try to contact cybercriminals, as you will end up being scammed.

I have bad news for you email scam
I have bad news for you is one of many variants of Extortion Scam

I am a spyware software developer email scam

As the title says, this scam claims that the originator of the email is a software developer. He or she claims that the victim visited a dangerous website and disclosed the email password. Hacker then explains that malware has been inserted into the operating system, and changing the password will not help.

Bad actor asks for $900 in order to keep the supposedly taken pictures away from relatives and friends. As usual, human emotions and shame feelings are exploited, ensuring that some users will fall for the trick.

I am a spyware software developer email scam is full of red flags when it comes to its legitimacy. Users who understand how viruses work would know that the scenario explained by the email author is not possible, as even malware cannot be transferred to victims' machine via the email unless they open attachments or click on malicious links.

Thus, I am a spyware software developer email is another hoax, trying to pretend that the threat is real.

I'm a programmer who cracked your email scam

This fraudulent message is almost identical to I am a spyware software developer email scam with the subject line “Security Alert. Your account has been hacked” or “Email is compromised. Password must be changed”. It also claims that the email author was a skilled programmer who injected a malicious code onto the operating system. Victims are asked to pay $870 into a specified Bitcoin wallet.

Bad actors are trying to shame the victim by stating the following:

But I was struck by the sites of intimate content that you very often visit. I am in shock of your reach fantasies! Wow! I've never seen anything like this! I did not even know that SUCH content could be so exciting!

The fake email is littered with grammar and spelling mistakes, so it only brings a conclusion that the author is probably not from an English-speaking country. Nevertheless, please remove I'm a programmer who cracked your email scam from your inbox and change all your passwords. Also, scan your PC for malware.

Porn Blackmail virus

Porn Blackmail virus is one of the Extortion Scam variants. The purpose of the scam is the same – to make users pay a ransom of up to $7,000 in Bitcoin. Scammers include the password of the target in the Subject line, which might be terrifying to most of the people who receive such an email in their Inbox.

The difference between Porn Blackmail virus and previous versions is that it claims that the user visited a porn website which was infected with malware. Allegedly, using a Remote Desktop, they managed to gain remote access to the PC, hack the camera, and film the controversial video of the victim. 

The crooks promise to delete all the videos they obtained if the payment in Bitcoin would be transferred into a specific wallet. Also, they threaten to expose the video if the ransom is not paid within a day and highly discourage users from going to the police. 

As usual, ignore cybercriminals and do not get tricked by Porn Blackmail virus. Scan your PC with anti-malware software just to be sure, and use the safety precautions we advised in this article below.

Phishing emails have been around for a long time: learn how to recognize them

Cybercriminals often use social engineering to trick their victims, so it comes as no surprise that phishing emails are one of the most widely spread scam methods around. In most cases, spam and phishing emails are used to deliver malware payloads, such as ransomware or banking trojans. However, some criminals use a more direct approach, trying to lie about the infection itself which does not actually exist.

Unfortunately, not many users are IT savvy and do not know how viruses work, or anything about their infiltration tactics. For such reasons, there are thousands of people who fall for the trick, cleverly engineered by cybercriminals. Here are some tips by experts on how to avoid scams:

  • Do not panic when you receive a threatening email;
  • Read through it carefully; even if your password or name is mentioned, it does not mean your PC is infected with malware;
  • If you are not sure, scan your computer with comprehensive anti-malware tools;
  • Copy and paste first line of the scam message and search for it online – there will be plenty hints that it is a scam;

If you received a scam email, report it to the appropriate bodies in your area and change your passwords.

Get rid of Extortion Scam email without contacting crooks

After receiving a scam message, you should make sure that your system is not compromised. We suggest using  Reimage, Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes  (Safe Mode with Networking is the best environment to do so) for Extortion Scam virus removal. If no malware is present on your computer, you should immediately change your passwords on your accounts, and report the incident.

As soon as that is done, you can safely remove Extortion Scam email from your Inbox with no consequences whatsoever. Remember, all the personal information disclosed in the email was acquired from a data breach, so as long as your passwords are updated, you should be safe.

Offer
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Malwarebytes.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

To remove Extortion Scam, follow these steps:

Remove Extortion Scam using Safe Mode with Networking

If you are unsure whether or not your PC is infected with malware, enter Safe Mode with Networking and perform full system scan:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove Extortion Scam

    Log in to your infected account and start the browser. Download Reimage or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete Extortion Scam removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove Extortion Scam using System Restore

You can also eliminate the virus with the help of System Restore.

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of Extortion Scam. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage and make sure that Extortion Scam removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from Extortion Scam and other ransomwares, use a reputable anti-spyware, such as Reimage, Malwarebytes MalwarebytesCombo Cleaner or Plumbytes Anti-MalwareMalwarebytes Malwarebytes

About the author

Julie Splinters
Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions

References