The scam relies on “social engineering,” or the ability to convince an unsuspecting victim do something they wouldn’t normally do, through the use of charm, guilt, shame or authority. The scammer has usually done enough research and has enough information and half-truths to make the scam seem credible.
According to CNBC, IT security firm Mimecast saw “a huge spike in the new tactic, with more than 1,600 scam emails intercepted in just a two-day period from Jan. 2 to Jan. 3.”
When describing this particular scam Kiri Addison, head of data science, said “this one is a bit different. It stood out, because it’s really convoluted in a way. It starts out with a single email saying ‘we’ve got some nude photos of you.’”
The email will include a link to a website showing Nest footage from an innocent area the person could have visited, such as a bar or restaurant. The idea is to make the person believe they’ve been monitored and recorded over a long period of time, in any number of situations, making it more believable they may have been recorded in a compromising position.
Ultimately, the victim is walked through the process of establishing a bitcoin wallet and paying the scammers $500 to keep their photos and videos from being released on porn sites. It’s important to understand there aren’t actually any photos or videos.
As CNBC points out, “if you receive a sextortion email, the best thing you can do is ignore it.
“Although internet-connected cameras and smartphones can be hacked, this is a very rare event. It’s practically non-existent for such a hack to be combined with an extortion demand.”