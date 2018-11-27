× Expand Jane_Kelly Getty Images/iStockphoto 610774254 Laptop and envelope with black document and skull icon. Virus, malware, email fraud, e-mail spam, phishing scam, hacker attack concept. Trendy flat design graphic with long shadow. Vector illustration

So I received an unnerving extortion scam email recently and it freaked me the freak out. This is no easy task. Given that my email address is publicized and collects swaths of SPAM, I have become fairly skilled at sniffing out viruses, hoaxes, scams, chains and bogus George Carlin quote attributions. However, this message, bad grammar and all, shook me to the core.

“Hello, I know, your pass word is [12345]… I placed a malware on the adult vids (porn material) web-site and you know what, you visited this website to have fun (you know what I mean). While you were watching video clips, your internet browser initiated operating as a RDP (Remote Desktop) that has a keylogger which provided me access to your screen and also webcam. Immediately after that, my software program gathered your entire contacts from your Messenger, social networks, as well as email.

What did I do? I made a double-screen video. 1st part shows the video you were watching (you have a good taste lmao), and 2nd part shows the recording of your webcam. exactly what should you do? Well, I believe, $2900 is a fair price for our little secret....

Note: You have one day in order to make the payment. (I have a specific pixel in this email message, and at this moment I know that you have read through this email message). If I do not get the BitCoins, I will definitely send out your video recording to all of your contacts including family members, coworkers, etc....”

Apparently this is a new variation of what’s called a sextortion scam and is becoming one of the most popular cons to date. The FBI received 13,000 complaints in July alone, and Bitcoin has disbursed over $4,000,000 in the last three months according to the internet security firm, Barkly.com. This new grift is so effective, even the Nigerian Prince is jumping on the scamwagon.

There are several versions of the email, all of them written with the same bad grammar, spelling and syntax as the Nigerian Prince-type scams, which made me instantly suspicious. I probably would have deleted it right then had it not been for the fact that the password he referenced was correct! It was the first five characters of an 8-character password I used a few years ago.

What the shit is this? I thought. How did that crafty prince get my password? Is my webcam really watching me? Are all my friends, coworkers, family—my mother!—about to see my O-face? I had so many questions, but one thing I knew, I would not be paying that ransom.

For one reason, what would stop him from blackmailing me again? Secondly, I wasn’t all that concerned about the type of porn I might have been caught watching. Thankfully, my sexual preferences are relatively mainstream—certainly nothing that would get me arrested, fired or thrust into the crosshairs of the #MeToo firing squad.

Still, how did he get that password? Well, according to Barkly.com, it was likely gleaned from one of those massive internet data breaches of the last decade. Most likely one of the 117 million accounts that were lifted from LinkedIn in 2012 and sold on the dark web.

Seeing my password in the hands of that dastardly son of a West African king, along with a threat to publicize my ghoulish O-face and O-grunts, made my heart drop to my Nikes. If it weren’t for the suspiciously hilarious way the email was written, I might have flatlined right then. For instance, the comment, “I placed a malware on the adult vids (porn material) web-site,” would have been horrifying if it wasn’t so hilariously indecipherable. There was also the “$2900 is a fair price” remark which is like saying, “Hey man, extortion is a lot of work! I have to create the malware, edit the video, compose the blackmail letters—be reasonable!”

But the best part is the bad grammar. Why are they always written like that? I wondered. Is the sloppy writing an accident, or by design? Well, turns out, it’s by design. It is an effort to prevent false positives, which refers to email recipients who engage with the scammers but don’t ultimately pay.

“Reaching out to scores of potential victims isn’t much work nowadays,” says economist Steven D. Levitt (via BusinessInsider.com)… “but with each reply… the scammers are required to put forth more effort. Therefore, it’s in the scammers’ best interest to minimize the number of false positives who cost them effort but never send them cash. By sending an initial email that’s obvious in its shortcomings, the scammers are isolating the most gullible targets.”

So what should victims do if they get one of these emails? For starters, don’t panic. And don’t pay the ransom! They did not hack anyone’s machine and they do not have a video of anyone blaspheming themselves to a Hentai tentacle diaper porn video (not that there’s anything wrong with that). In fact, don’t even respond. Take a deep breath, change passwords, enable two-factor authentication on any sensitive accounts and stick a piece of tape over any webcam. In fact, people should take those steps even if they don’t get the latest scam email. And for crissake, lay off the tentacle porn.