The “I Gained Access to Your Devices” Sextortion Email Scam

Written by: Thomas Orsolya

Published on:

Have you received an email claiming your devices were hacked, with inappropriate content recorded through your webcam? This is another variant of the prevalent sextortion scam aimed at extorting money through false threats.

Scams

Overview of the Scam

The “I Gained Access to Your Devices” scam email states that the sender hacked the recipient’s email account and installed malware on their devices. Supposedly this allowed access to the webcam, microphone, files, and browsers.

It implies intimate photos and videos were recorded and threatens to send the content to the victim’s contacts unless a ransom is paid in Bitcoin. This type of psychological manipulation exploits fear and shame to override critical thinking.

But scrutiny reveals the deceptive blueprint behind this scam. There is no hack, malware, or inappropriate content. The entire aim is fabricating threats that trigger hasty payments. Understanding this anatomy highlights the fraudulent nature.

Breakdown of Email Components

Here are the key components contained in the “I Gained Access to Your Devices” sextortion email scam:

  • Hacking Claims – States they hacked the recipient’s email and devices.
  • Malware Infection – Claims malware provided access to microphone, webcam and data.
  • Compromising Media – Implies inappropriate photos/videos were acquired.
  • Monitoring Threats – Says they can view all online activities.
  • Ransom Demand – Demands payment to delete data and stop monitoring.
  • Shame and Fear – Attempts to scare and shame victims into paying.
  • Threats of Leaks – Threatens to send content to all contacts.
  • Short Deadline – Gives very short timeline of 1-2 days to pay.
  • Sense of Urgency – Creates strong urgency to submit payment quickly.

Goals of the Scammers

The main goals of those orchestrating this scam include:

  • Financial Fraud – Trick victims out of ransom money through psychological manipulation.
  • Installing Malware – Get users to download malware contained in email attachments or links.
  • Harvesting Personal Data – Obtain additional personal information through phishing-like questioning.
  • Damaging Reputations – Harm victims by threatening to share fabricated inappropriate content.

This scam takes advantage of human vulnerabilities and emotions like fear, shame and panic to override critical analysis for financial gain. But being aware of their blueprint helps avoid becoming a victim.

Here is how the “I Gained Access to Your Devices”  scam email usually looks:

Hi there!

Unfortunately, I need to start our conversation with bad news for you.

Around few months back I managed to get full access to all devices of yours, which are used by you on a daily basis to browse internet.

Afterwards, I could initiate monitoring and tracking of all your activities on the internet.

I am proud to share the sequence of how it happened: In the past I bought from hackers the access to various email accounts (today, that is rather a simple thing to do online).

Clearly, it was not hard at all for me to log in to your email account (info@onlinethreatalerts.com).

A week after that, I had already managed to effortlessly install Trojan virus to Operating Systems of all devices that are currently in your use, and as result gained access to your email.

To be honest, that was not really difficult at all (because you were eagerly opening the links from your inbox emails). I know, I am a genius. (=

With help of that software, I can gain access to all controllers in your devices (such as video camera, keyboard and microphone).

As result, I downloaded to my remote cloud servers all your personal data, photos and other information including web browsing history.

Likewise, I have complete access to all your social networks, messengers, chat history, emails, as well as contacts list.

My intelligent virus unceasingly refreshes its signatures (due to its driver-based nature), and hereby stays unnoticed by your antivirus software.

Herbey, I believe that now you finally start realizing how I could easily remain unnoticed all this while until this very letter…

While collecting information related to you, I had also unveiled that you are a true fan of porn sites.

You truly enjoy browsing through adult sites and watching horny vids, while playing your dirty solo games.

Bingo! I also recorded several filthy scenes with you in the main focus and montaged some dirty videos, which demonstrate your passionate masturbation and cum sessions.

In case you still don’t believe me, all I need is just one-two mouse clicks to make all your unmasking videos become available to your friends, colleagues, and even relatives.

Well, if you still doubt me, I can easily make recorded videos of your orgasms become a public.

I truly believe that you surely would avoid that from happening, taking in consideration the type of the XXX videos you love watching, (you are clearly aware of what I mean) it will result in a huge disaster for you.

Well, there is still a way to settle this tricky situation in a peaceful manner:

You will need to transfer $1450 USD to my account (refer to Bitcoin equivalent based on the exchange rate at the moment transfer), so once funds transfer is complete, I will straight away proceed with deleting all that dirty content from servers once and for all.

Afterwards, you can consider that we never met before. You have my honest word, that all the harmful software will also be deactivated and deleted from all your devices currently in use. Worry not, I keep my promises.

That is truly a win-win solution that comes at a relatively reduced cost, mostly knowing how much effort I spent on monitoring your profile and traffic for a considerably long time.

In event that you have no idea about means of buying and transferring bitcoins – don’t hesitate to use any search engine for your assistance (e.g., Google, Yahoo, Bing, etc.).

My bitcoin wallet is as follows: [removed]

An important notice: I have specified my Bitcoin wallet with spaces, hence once you carry out a transfer, please make sure that you key-in my bitcoin address without spaces to be sure that your funds successfully reach my wallet. I have allocated 48 hours for you to do that, and the timer started right after you opened this very email (2 days to be exact).

Don’t even think of doing anything of the following:

! Abstain from attempting to reply me (this email was created by me inside your inbox page and the return address was generated accordingly).

! Abstain from attempting to get in touch with police or any other security services. Moreover, don’t even think of sharing this to you friends. Once I discover this (apparently, that is absolutely easy for me, taking in consideration that I have complete control over all systems you use) – kinky video will straight away be made public. ! Don’t even think of attempting to find me – that is completely useless. Don’t forget that all cryptocurrency transactions remain completely anonymous.

! Don’t attempt reinstalling the OS on all your devices or getting rid of them. That won’t lead you to success either, because I have already saved all videos at my remote servers as a backup.

Things you should not be concerned about:

! That your funds transfer won’t reach my wallet.

– Worry not, I can see everything, hence after you finish the transfer, I will get a notification right away (trojan virus of mine uses a remote-control feature, which functions similarly to TeamViewer).

! That I will still distribute your videos although you make the funds transfer.

– My word, I have no intention or interest in continuing making your life troublesome. Anyway, If I truly wanted that, it would happen long time ago without me notifying you!

Everything can be settled in a peaceful and just way!

And lastly… make sure you don’t get caught afterwards in such type of incidents anymore!

My fair advice – ensure you change all your passwords on a regular basis.

How the “I Gained Access to Your Devices” Sextortion Scam Works

The “I Gained Access to Your Devices” sextortion scam operates through a sequence of psychological manipulation techniques and social engineering tricks. Here is the typical process:

1. Compiling Recipient Emails

Scammers use various illegal methods like data dumps and malware to acquire large batches of target email addresses. A wider recipient pool increases potential victims.

2. Crafting Deceptive Emails

Time is taken to make the wording and technical details seem authentic and concerning. Fake hacking details aim to elicit fear, as do threats of exposing intimate content.

3. Distributing Scam Emails

Using botnets and other techniques to hide their origin, the scam emails are blasted out en masse to the compiled list of recipients.

4. Awaiting Victim Payment

The scammers simply wait for ransom payments to hit their Bitcoin wallet addresses specified in the emails. More recipients means more potential victims.

5. Sending Threatening Reminders

If the initial email is ignored, follow-up threatening messages may be sent urging immediate payment to avoid supposed disastrous consequences.

6. Withdrawing and Laundering Funds

Once they receive ransom funds, the scammers quickly withdraw the Bitcoin to digital wallets elsewhere and eventually convert it into normal cash.

7. Vanishing After Payment

For any victims who paid up, the scammers cut off all contact after withdrawing the funds. Non-payers may be targeted again or have their emails sold.

As this sequence shows, fear and uncertainty are leveraged to override critical analysis of the scam’s claims. But scrutinizing the anatomy highlights its fraudulent nature.

What to Do If You Get This Scam Email

If you receive the “I Gained Access to Your Devices” sextortion email, stay calm and take these actions:

Do Not Panic

This email is intended to cause panic, but rest assured all claims of hacking, infections and recordings are completely fabricated in this scam.

Do Not Reply

Replying will just confirm your email address is active for more extortion attempts. Ignore and delete the email, then block the sender.

Do Not Pay the Ransom

No matter how embarrassing the email’s threats seem, do not pay the ransom demand as that will likely lead to repeat extortion.

Run Security Scans

Run full system scans with updated security software in case any real malware is present from other sources, but the email itself does not contain viruses.

Enable Two-Factor Authentication

Enable two-factor authentication on accounts when possible for enhanced log in protection beyond standard passwords.

Change Passwords

Change passwords on any accounts where you reused the same credentials across multiple websites, even though the scam’s claims are false.

Report the Sextortion Email

Forward the scam email to the Anti-Phishing Working Group at phish@apwg.org and report phishing to your email provider.

Monitor Accounts Closely

Keep a close eye on online accounts named in the scam for unauthorized access attempts and look for odd financial transactions.

Spread Awareness

Notify colleagues, friends and family about this scam if you think they could also be targeted. Share information to prevent potential victims.

Staying calm and not giving in to urgent payment requests stops this scam cold. Proactively take smart security steps instead of reacting to empty extortion threats.

Frequently Asked Questions

What is the “I Gained Access to Your Devices” email scam?

This is a type of sextortion scam where recipients are sent an email claiming the sender hacked their devices and recorded inappropriate photos/videos through their webcam. It threatens to release the supposed media unless a ransom is paid.

Did the scammers really hack my devices and email?

No, the claims in the email about hacking your email and installing malware on your devices are completely fabricated. This is just a deceptive scare tactic.

Do the scammers actually have inappropriate videos/pictures of me?

No, the scammers do not really have any embarrassing, explicit or compromising media of you, despite their claims. This is an empty threat to extort money.

Should I pay the ransom they are demanding?

No, you should never pay the ransom amount being demanded. That will likely result in more extortion attempts and provides funds to criminals.

Can just opening the email infect my device with malware?

Simply opening and reading the email alone will not infect your device with malware. But be very cautious about downloading any attachments.

How can I protect myself from this scam?

Use strong unique passwords everywhere, enable two-factor authentication on accounts, run antivirus software, and be wary of unsolicited emails demanding money.

What should I do if I receive this email?

Do not reply, pay the ransom, or open any attachments/links. Report the email as phishing/extortion, forward it to your email provider, then delete and block the sender.

Conclusion

The “I Gained Access to Your Devices” sextortion email scam exploits human emotions like fear, shame and panic through false claims of malware infections, stolen media and total device access.

But a closer look reveals the consistent scam template deployed in these fraudulent emails. There is no hacking, malware or recordings as claimed. The sole aim is tricking recipients through fabricated threats that prey on vulnerabilities.

Understanding the psychological triggers and tactical blueprint at play allows one to step back and recognize the scam before being misled. This scam provides an important reminder to think critically and remain vigilant against potential extortion attempts aiming to override reason with emotion.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Previous

Remove News-Rehoga.cc Pop-up Ads [Virus Removal Guide]

Next

Support@Cvbuildd.com Shopping Scam Explained