How to recognize an extortion email

With ransomware, computer criminals try to extort money from you. They do this, among other things, with e-mails in which you are extorted. This article tells you how to recognize these emails.

Ransomware

Ransomware has been on the rise in recent years. The most harmful version comes in the form of malicious software that takes your files and computer hostage. You will get it back when you pay the ransom. At least, that’s what the hijackers claim. This type of ransomware is also known as cryptoware. You will quickly recognize this ransomware because you will no longer be able to open files and a window will appear on your screen with instructions for the ransom.

Extortion mail

The other ransomware variant is the extortion email. In this you are accused of illegal or covert activities and you prevent their disclosure by paying money. Although new extortion emails are regularly covered in the media, many people still have trouble recognizing these annoying emails. They may not be tempted to pay just yet, but at the very least feel uncomfortable about it. For that reason, it is good if you can recognize an extortion email for what it is yourself.

How did a blackmailer get my email address?

Extortion emails are almost always circulated in large quantities. Hoping that at least some people will give in and pay. Since sending emails costs nothing, every payment from a victim is already a profit. As with spam (unwanted advertising), a blackmailer obtains e-mail addresses from illegal databases containing millions of stolen e-mail addresses and other personal data. They have been plucked from all kinds of websites or social media on the Internet or during hacking (breaking into) the sites of large Internet companies.

To me personally?

Blackmailers like to pretend they know you personally, but that is never the case with these types of emails. They just use a few tricks to make the personal touch seem real. For example, they like to address you with your name, but by default they use the part of your e-mail address before the @, such as pietvermeer at pietvermeer@provider.com. Because the creation and sending of extortion emails is done with a program, you will then be addressed as Hi Pietvermeer, for example .

It is not clear to a program what the surname in general is, so such an email does not get any further than such a sloppy display of your name. If the part before the @ is not your name at all, for example Boterbloem75, you will be addressed as Hi Boterbloem75. Then it is immediately clear that the blackmailer does not know you personally, despite all his claims in the rest of the email.

In the sample email accompanying this article (see the link above), the blackmailer pretends to be monitoring your computer extensively with all kinds of spy programs. In that case, it should of course be a piece of cake for him to mention your real name. Especially if later in the e-mail he also claims to have all your e-mail contacts. In addition, the recipient is blackmailed in the extortion email into supposedly visiting an erotic website. If the blackmailer really knew that, he would also mention the name of that website, of course, to convince you. That he doesn’t, says enough.

If your name and e-mail address in an extortion e-mail happen to match – for example because they were taken from social media together – then there are still sufficient indications in the further e-mail that nothing is correct.

My password?

The sample email also contains a password for the allegedly visited erotic website. That doesn’t say much either. Often random passwords are used in the hope that you won’t recognize it anyway. After all, who still remembers all their passwords from the past? Sometimes stolen passwords are also used, which were captured during a major burglary. But they have nothing to do with the erotic site in question.

Trawl fishing

Even if the above data turns out to be correct, it is still not that difficult to recognize an extortion email for what it is: fake. For blackmailers, sending these kinds of emails is like throwing out a dragnet. They hope to catch some fish with big guns. That is why the email is filled with bold assumptions. In the sample email, this means, among other things, that the recipient has visited an erotic site, has created an account there, is ashamed of it, has a PC or laptop and also uses a webcam. All recipients that do not meet these conditions are therefore automatically excluded from the dragnet.

Lack of logic

These types of extortion emails also fail due to the lack of logic displayed by the blackmailer. The scammer tries to impress with all the information but actually puts himself down.

For example, the sample email states that screen recordings were made on the recipient’s computer from visiting the erotic site. That is completely unnecessary if you supposedly already have the (account) data of that site as an extortionist. He can just take any screenshot on his own computer and pretend it was made on the recipient’s computer.

The comment about a pixel in the email that allows the blackmailer to see if it has been opened is also a miss. In the first place, that’s not how email works. In the second place: why would you still need that if you have supposedly been keeping a full eye on someone’s computer for a while with all kinds of software? Then, as an extortionist, you can also see whether your e-mail has arrived and has been opened.

The orders for payment are also not very logical. The blackmailer just assumes that everyone knows how to pay with bitcoins within two days. Nowadays, creating an account to get bitcoins and sending bitcoins often takes longer than two days due to all the control measures.

Finally

It is best not to take these types of emails seriously. In short: never pay. Never respond to such an e-mail by e-mailing back: the sender is forged. Delete the e-mail and possibly warn others that such an extortion e-mail is going around.