Posted By ASEC , March 19, 2024

Online Scams: Blackmail, Deceptions, and Victims

Sextortion scam is defined as the crime of blackmailing victims using their sensitive information to inflict great psychological distress and extort them. Victims not only suffer from immediate financial losses but also immense shock and terror, some to the point of having their daily lives severely impacted.

Contents

Simple Lies and Blackmail
Sextortion – Holding Private Life as Hostage
- Methods of Approach
- What Happens When Files are Installed
- Fileless Does Not Equal Safe
- How Victims Suffer
See Related Articles

Definition
Scamming is defined as the crime of deceiving others via immoral means for financial gains, stealing intellectual property, or unauthorized access to assets. Scammers (criminal, attacker) mostly utilize direct channels such as voice calls, messages, emails, messengers, social media, and websites to coerce their victims into performing deeds they want done.

Simple Lies and Blackmail
Scammers who resort to these tactics falsely claim to victims that malware is installed in their systems, that they extracted information from the systems through the malware, and that the victims’ screens are being recorded. These are only some of the examples. In addition, they use sextortion emails to approach random victims and blackmail them for virtual assets, threatening to further damage if victims refuse to cooperate. Users who panic after receiving such emails transfer their assets to scammers. The scammers who use this method can extort their victims through psychological pressure without using any special technique.

Sextortion – Holding Private Life as Hostage
“Sextortion” is a type of cybercrime that exploits the personal information of victims. Scammers procure sexual messages, images, or videos to blackmail victims for personal gains, threatening to spread the data to families and friends of victims. Scammers mostly target adolescent to adult males, including married men, but they occasionally target females as well, asking for a ransom in USD between at least a few hundred to several thousand. Sextortion is a crime that aims to exploit shame, and although the means and methods are different, the strategies deployed are similar to those of ransomware attacks—criminal offenses aiming to encrypt files—in that they take hold of something or someone as digital hostages.

Methods of Approach
Victims engage in 1:1 chat with unidentified scammers who often play the role of a woman via mobile messenger apps or dating apps. The conversations mostly start by curiosity and the goal of establishing a relationship, but they soon enter the realm of sexual chat. During the conversations, victims do what the other person told them to do such as moving to a different chat channel, installing a file, or sending photos. After acquiring the information that could be used to blackmail, the scammers immediately shift their attitude and ask for money. Even if they failed to acquire information, the scammers lie that they have already gained the information to invoke fear in the victims.

Scammers can use any means of chat to approach their victims, and the apps below are the chat channels recently used by scammers in Korea.

Mobile Messenger Apps (Facebook Messenger, LINE, KakaoTalk, Telegram, etc.)
Mobile Dating Apps (Tinder, MEEFF, WIPPY, GLAM, Middle-aged Talk, etc.)

What Happens When Files are Installed
To prompt their victims to install an Android APK or iPhone IPA file, scammers either send the files directly to the victims or share website URLs to make the victims directly download the files. The scammers add a variety of reasons such as call quality enhancement, language translation, sharing hobbies, and sharing pornographic images that can easily garner attention and attract victims. The majority of victims know that these files are malicious, but they fail to perceive that fact when the scammers approach them naturally.

The malicious files can actually collect contact numbers stored inside the victims’ mobile devices and are equipped with features that allow them to access features such as text messaging, call history, camera, recording, and other messenger app events. The following images show the websites that distribute malicious files and the screens that appear upon app launch.

AhnLab Threat Intelligence Platform ‘AhnLab TIP’ performs dynamic and static analysis on suspicious APK files to provide analysis information like the following:

Fileless Does Not Equal Safe
Scammers can blackmail victims without using malicious files. They utilize the messaging feature of social media apps like Instagram to communicate with their victims and capture their followers and friends list. The scammers then use general mobile apps such as LINE and KakaoTalk to exchange sexual conversations or make video calls and threaten the victims they would leak the details of the chat with the victims’ followers. Recently, there has been a rapid increase in such methods targeting young social media users.

Step	Chat Channel
Initial Approach	Mobile Dating App
Procuring Friends List of Victims	Social Media App (Mainly Instagram)
Blackmailing After Sexual Conversation	Mobile Messenger App

How Victims Suffer
Sextortion is the crime of taking extremely private information of victims as hostages for money. Some scammers take extreme measures to mentally abuse their victims by making group chatrooms, inviting all of the victims’ friends and families, and terrorizing the victims by saying they will start distributing the data.

Sextortion victims get extremely distressed thinking about getting shamed by their friends and families over their private data, take financial damage after transferring money to the scammers, and continue suffering from the fear of their information getting leaked online even after paying the ransom. Sextortion scams are different from other scams in that they weaponize shame and issues are not completely resolved even after victims pay the ransom.

See Related Articles