Extortion, and especially “sextortion” emails, are becoming more frequent, and they can be extremely alarming when received. Such emails work by using threats to extort money, evoking intense fear. This type of correspondence comes in many guises and features various elements, but essentially, they work in the same way.

These activities can refer to real-life experience such as cheating on a partner or online behaviors such as visiting porn sites. They are called sextortion scams because there is an element of sexual behavior to them, something which is highlighted by scammers as undesirable and shameful. They usually threaten to expose the victim’s shameful activities to colleagues, friends, and family. Scammers then ask for payment to keep this a secret. But there are some that don’t have sexual elements. Instead, threats of harm are used to extort money. For example, some threaten to harm or kill the victim unless a fee is paid quickly.

Although sextortion scams are not new, they have evolved drastically in the past few years.

Historically, victims of such scams were usually young women, typically targeted by someone they dated in real life or met online and who was in possession of private or sexual images of them. More recently, sextortion attacks started casting a wide net and targeting private individuals who have never had any prior contact with their perpetrator. Most ask for payment in cryptocurrency, usually bitcoin. This is a convenient payment option for cybercriminals because bitcoin, as virtual money, has little or no legal regulation across different countries. This makes it a perfect choice for criminal activities.

These types of emails often have common, repeated elements, as shown in the following diagram:

Common elements in extortion emails

Common themes and techniques were also present in such correspondences. (See table below.) Their purpose is to evoke intense fear (Read more...)