Don’t Fall for the “I Gained Control of Your Devices” Email Scam
Written by: Thomas Orsolya
Published on:
Picture this: you’re going about your day when suddenly, a chilling email appears in your inbox. The subject line reads, “I gained control of your devices.” Your heart races as you click to open the message, only to find a faceless stranger claiming to have gained control of your devices, accessed your most intimate moments, and threatening to expose you unless you pay a ransom. This is the reality of the “I Gained Control of Your Devices” email scam, a sinister scheme that has left countless victims feeling vulnerable, afraid, and unsure of what to do next. In this comprehensive article, we’ll unmask the inner workings of this scam, provide step-by-step guidance on how to protect yourself, and explore what to do if you find yourself in the clutches of this digital nightmare.
This Article Contains:
Scam Overview
The “I Gained Control of Your Devices” scam typically begins with an email appearing in your inbox from an unknown sender. The subject line is often designed to grab your attention and instill a sense of urgency or fear, such as “Your account has been hacked” or “I have your private information.”
Upon opening the email, you’re confronted with a disturbing message claiming that the scammer has gained access to your devices, including your computer, smartphone, and even your webcam. They assert that they have been monitoring your online activities, particularly focusing on your alleged visits to pornographic websites.
To add credibility to their claims, the scammer may include a password that you have used in the past, which they likely obtained through a data breach or from the dark web. They may also mention specific details about your device, such as its operating system or browser, to make it seem as though they have intimate knowledge of your digital life.
The scammer then proceeds to make a series of threats, stating that they have captured compromising footage of you through your webcam while you were browsing adult content. They claim to have created a video montage featuring this footage alongside screenshots of the websites you visited, which they threaten to send to your contacts, friends, and family unless you pay a ransom.
The ransom demand is typically in the form of Bitcoin or another cryptocurrency, as these transactions are difficult to trace. The scammer may set a tight deadline, usually within 24-48 hours, to create a sense of urgency and pressure you into complying with their demands.
To further intimidate you, the scammer may use language designed to shame and embarrass you, exploiting your fears of exposure and humiliation. They may claim that failure to pay the ransom will result in the immediate release of the alleged compromising material to your contacts and on public platforms.
Here is how the “I Gained Control of Your Devices” scam email looks:
You probably won’t like what you’re about to read. I gained control of your devices, thanks to your predilection for porn sites. As a matter of fact, it was those sites that helped me. One of them had my special code on it and it worked. What that means to you is that I can see everything that happens on your screen and in front of your screen.
If you doubt it then don’t read any further into this letter. I’m not wasting my time on you either and I’m just gonna post all this crap with you on every possible website and social networks and send it out to all your contacts.
I made a copy of your most interesting files. I also have the contact addresses you use most often. I have your browsing history. I have… everything I need.
At first I wanted to delete all content from your devices and forget about it. But I took a look at the sites that you regularly visit and I changed my mind. I’m talking about sites with all kinds of nasty stuff on them.
After a while, I had an idea. I took screenshots of website pages where you spend your time alone. Then I took screenshots of you satisfying yourself using the camera of one of your devices. ( By the way, I had to wait for you to successfully to get in the camera lens.) But it was worth it and it will impress to all your acquaintances and regular people on the Internet.
To cut a long story short I’ll make you a deal. You wire me the money and I’ll delete all that shit about you and we’ll forget about each other.
$699 USD is fine with me. Although at first I wanted a larger amount.
Pay only in BTC to wallet: 1My19bMiRYkm5HxgrjN48TR1SvVQq1CLs6
I’ll give you two days from now to pay. I told you what happens if you don’t pay, I don’t give a fuck, it’s up to you. And don’t hold a grudge. Everybody’s got a job to do.
And one more thing:
Learn to lock your windows.. and why are you making that funny face?
It’s important to recognize that, in the vast majority of cases, the scammer does not actually have any compromising information or footage of you. The entire scam is a bluff, designed to manipulate your emotions and trick you into paying the ransom out of fear and panic.
How the Scam Works
The “I Gained Control of Your Devices” scam is a carefully orchestrated scheme that relies on a combination of social engineering techniques, psychological manipulation, and technical trickery. Here’s a step-by-step breakdown of how the scam typically unfolds:
Step 1: Acquiring Your Email Address and Personal Information
The scammer begins by obtaining your email address and potentially other personal information, such as your name, phone number, or passwords. This information is often acquired through data breaches, where hackers gain unauthorized access to databases containing user information from various websites and services. The scammer may also purchase this information on the dark web, where stolen data is frequently bought and sold.
Step 2: Crafting the Malicious Email
Armed with your email address and personal information, the scammer composes an email designed to grab your attention and instill fear. They may use a subject line that suggests your account has been compromised or that they have access to sensitive information about you.
The email itself is carefully worded to make the scammer’s claims seem credible and intimidating. They may include technical details about your devices or mention specific websites you’ve allegedly visited to create the illusion that they have been monitoring your activities.
Step 3: Leveraging Passwords and Personal Information
To add legitimacy to their claims, the scammer may include a password that you have used in the past within the email. This password is likely obtained from a data breach or purchased on the dark web, and while it may be an old or outdated password, seeing it in the context of the scammer’s threats can be unnerving and make you more likely to believe their claims.
The scammer may also mention other personal details, such as your phone number or specific websites you’ve visited, to further create the impression that they have intimate knowledge of your online activities.
Step 4: Making the Threat
The scammer then proceeds to make their core threat: they claim to have used your device’s webcam to capture footage of you while you were browsing pornographic websites. They assert that they have created a video montage featuring this compromising footage alongside screenshots of the websites you visited.
To maximize the fear and shame associated with this threat, the scammer may claim that the video captures you engaging in intimate or embarrassing acts, exploiting your deepest insecurities and fears of exposure.
Step 5: Demanding the Ransom
With the threat laid out, the scammer then presents their ransom demand. They typically request payment in Bitcoin or another cryptocurrency, as these transactions are difficult to trace and provide a level of anonymity for the scammer.
The ransom amount can vary but often falls in the range of a few hundred to a few thousand dollars. The scammer may justify this amount by claiming it is a small price to pay to keep your reputation intact and prevent the alleged compromising material from being released to your contacts and the public.
Step 6: Applying Time Pressure
To further pressure you into complying with their demands, the scammer often imposes a tight deadline for payment, typically within 24-48 hours of receiving the email. They may claim that failure to pay by the deadline will result in the automatic release of the alleged compromising material to your contacts and on public platforms.
This time pressure is a psychological tactic designed to induce panic and prevent you from thinking critically about the situation or seeking help.
Step 7: Continuing the Cycle
If you do fall victim to the scam and pay the ransom, the scammer may continue to target you with additional demands in the future. They may claim that the initial payment was insufficient or that they have discovered new compromising material, perpetuating the cycle of fear and extortion.
It’s crucial to recognize that paying the ransom does not guarantee your safety or the deletion of any alleged compromising material. In fact, complying with the scammer’s demands only serves to encourage them and may mark you as a target for future scams.
What to Do If You Have Fallen Victim to This Scam
If you find yourself targeted by the “I Gained Control of Your Devices” email scam, it’s essential to keep a level head and take the following steps:
Do not panic. Remember that the scammer is relying on fear and intimidation to pressure you into complying with their demands. Take a deep breath and try to approach the situation rationally.
Do not reply to the email or attempt to contact the scammer. Engaging with the scammer may only encourage them to continue their attempts to extort you.
Do not pay the ransom. As mentioned earlier, paying the scammer does not guarantee the deletion of any alleged compromising material and may only lead to further extortion attempts.
Change your passwords. If the scammer has included a legitimate password in their email, change it immediately on any accounts where you may have used it. Enable two-factor authentication on these accounts for added security.
Run a virus scan on your devices. While it’s unlikely that the scammer has actually installed malware on your devices, running a virus scan can help provide peace of mind and ensure your system is secure.
Report the scam to the appropriate authorities. In the United States, you can file a complaint with the FBI’s Internet Crime Complaint Center (IC3) or contact your local law enforcement agency. Reporting the scam can help authorities track down the perpetrators and prevent others from falling victim.
Seek support if needed. Falling victim to a scam can be a stressful and emotionally taxing experience. Don’t hesitate to reach out to friends, family, or mental health professionals for support and guidance as you navigate the aftermath of the scam.
Is Your Device Infected? Check for Malware
If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.
Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.
Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android
Scan your computer with Malwarebytes for Windows to remove malware
Malwarebytes is one of the most popular and most used anti-malware software for Windows, and for good reasons. It is able to destroy many types of malware that other software tends to miss, without costing you absolutely nothing. When it comes to cleaning up an infected device, Malwarebytes has always been free and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Windows.
You can download Malwarebytes by clicking the link below.
When Malwarebytes has finished downloading, double-click on the MBSetup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
You may be presented with a User Account Control pop-up asking if you want to allow Malwarebytes to make changes to your device. If this happens, you should click “Yes” to continue with the Malwarebytes installation.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes setup wizard which will guide you through the installation process. The Malwarebytes installer will first ask you what type of computer are you installing this program on, click either Personal Computer or Work Computer.
On the next screen, click “Install” to install Malwarebytes on your computer.
When your Malwarebytes installation completes, the program opens the Welcome to Malwarebytes screen.
Click on “Scan”.
Malwarebytes is now installed on your computer, to start a scan click on the “Scan” button. Malwarebytes will automatically update the antivirus database and start scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the Malwarebytes scan is finished scanning it will show a screen that displays any malware, adware, or potentially unwanted programs that it has detected. To remove the adware and other malicious programs that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files and registry keys that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your computer should now be free of trojans, adware, browser hijackers, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Scan your computer with Malwarebytes for Mac to remove malware
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your Mac should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Scan your phone with Malwarebytes for Android to remove malware
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
Your phone should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
Q1: What is the “I Gained Control of Your Devices” email scam?
A1: The “I Gained Control of Your Devices” email scam, also known as a sextortion scam, is a type of online blackmail where scammers send an email claiming to have hacked your devices, accessed your private information, and recorded compromising footage of you through your webcam. They threaten to release this alleged material to your contacts unless you pay a ransom in cryptocurrency.
Q2: How do the scammers obtain my email address and personal information?
A2: Scammers often acquire email addresses and personal information through data breaches, where hackers gain unauthorized access to databases containing user information from various websites and services. They may also purchase this information on the dark web, where stolen data is frequently bought and sold.
Q3: Are the scammer’s claims of having compromising footage of me true?
A3: In the vast majority of cases, the scammer’s claims are false. They do not actually have any compromising footage or information about you. The scam is designed to manipulate your emotions and trick you into paying the ransom out of fear and panic.
Q4: What should I do if I receive an “I Gained Control of Your Devices” email?
A4: If you receive this type of email, it’s crucial to stay calm and avoid engaging with the scammer. Do not reply to the email or attempt to contact them. Ignore their threats and do not pay the ransom they demand. Instead, report the email to the appropriate authorities and focus on securing your accounts and devices.
Q5: The scammer included one of my real passwords in the email. What does this mean?
A5: If the scammer includes a legitimate password in their email, it’s likely that this password was obtained through a data breach or purchased on the dark web. It does not necessarily mean they have actually hacked your devices or have access to your current information. Change the password immediately on any accounts where you may have used it and enable two-factor authentication for added security.
Q6: Should I pay the ransom demanded by the scammer?
A6: No, you should never pay the ransom demanded in an “I Gained Control of Your Devices” email. Paying the scammer does not guarantee the deletion of any alleged compromising material and may only encourage them to continue extorting you or target you with future scams.
Q7: How can I protect myself from falling victim to this scam?
A7: To protect yourself from this scam, be cautious when opening emails from unknown senders and avoid clicking on suspicious links or attachments. Maintain strong, unique passwords for all your accounts and enable two-factor authentication whenever possible. Keep your software and devices updated with the latest security patches and run regular virus scans to detect any potential malware.
Q8: What should I do if I’m feeling distressed or anxious after receiving this scam email?
A8: Falling victim to a scam can be a stressful and emotionally draining experience. If you’re feeling overwhelmed or anxious, don’t hesitate to reach out to trusted friends, family members, or mental health professionals for support. Remember, you are not alone, and there are resources available to help you cope with the aftermath of a scam.
Q9: How can I report the “I Gained Control of Your Devices” email scam?
A9: If you receive this scam email, you can report it to the appropriate authorities to help combat this type of cybercrime. In the United States, file a complaint with the FBI’s Internet Crime Complaint Center (IC3) or contact your local law enforcement agency. You can also forward the email to your email provider’s spam reporting address, which helps them improve their filters and protect other users from similar scams.
Q10: What are some red flags to watch out for in scam emails like this one?
A10: Some common red flags in scam emails like the “I Gained Control of Your Devices” scam include:
Urgent or threatening language designed to induce fear and panic
Claims of having access to your private information or devices without providing verifiable proof
Demands for payment in cryptocurrency, which is difficult to trace
Tight deadlines for payment, typically within 24-48 hours
Poor grammar, spelling, or formatting inconsistent with official correspondence By familiarizing yourself with these red flags, you can better identify potential scams and avoid falling victim to them.
The Bottom Line
The “I Gained Control of Your Devices” email scam is a disturbing and manipulative scheme that preys on people’s fears and insecurities. By understanding how the scam works and taking proactive steps to protect your online privacy and security, you can reduce your risk of falling victim to this type of extortion.
Remember, the scammer’s power lies in fear and intimidation. By staying calm, refusing
How to Stay Safe Online
Here are 10 basic security tips to help you avoid malware and protect your device:
Use a good antivirus and keep it up-to-date.
It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
Keep software and operating systems up-to-date.
Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
Be careful when installing programs and apps.
Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."
Install an ad blocker.
Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
Be careful what you download.
A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
Be alert for people trying to trick you.
Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.
Back up your data.
Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
Choose strong passwords.
Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
Be careful where you click.
Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
Don't use pirated software.
Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.
Leave a Comment
Meet Thomas Orsolya
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
MALWAREBYTES FOR WINDOWS DOWNLOAD LINK
