Blackmail via email best practices

3 min read
GoDaddy Digital Crimes Unit

What are sextortion and blackmail emails?

Sextortion and blackmail emails are emails that are received from an unknown sender, often disguised as a real business or person of power, demanding payment or another benefit in return for not revealing compromising or damaging information about you.

Recently, we’ve seen an increase in complaints regarding a blackmail email that sounds super scary. The email claims that a hacker broke into your computer and took a video of you doing bad things. In order to stop the anonymous sender from sharing this “video” with your contacts,  the sender demands Bitcoin (or some other crypto currency) payment.

Sometimes, these emails contain a password you either used to use or still use, making it seem very convincing.

These campaigns started carrying something similar to the following as the email body and then as an image or attachment:

A similar type of email claim that a Dedicated Denial of Service (DDoS) attack would be carried out against your website if you did not pay or that your hosting account would be taken over and shut down.

What to do

First things first, never reply to these emails. Most often, they are sent using Spoofing techniques. Replying does nothing for you and could potentially be harmful. So, don’t reply.

Second, DO NOT pay the sender. These attacks are fear based. They don’t have access to your computer, they didn’t record you on your computer.

This is a numbers game for them. If they send out 1,000,000 emails with the same threat, they only need one to make any money from an unfounded threat. So, they’ll send as many emails as possible with as threatening message as possible to convince people to pay.

While it is difficult to find the individuals behind the emails to try to hold them accountable, you can report the email via our reporting form using the SPAM option and/or file a complaint with the FBI via the Internet Crime Complaint Center.

Additionally, check your email address against Have I Been Pwned. It checks if your email address was involved in a number of breaches over the years. If your email address appears, we highly recommend changing your password.

Threat shift

In Information Security there are times when a bad guy changes how they carry out an attack, this is referred to as a “threat shift”. Crypto currency blackmail and extortion has undergone a recent threat shift from large email campaigns to website comment sections. The same rules apply in this situation, report the comment with your hosting provider and do NOT pay it.