Hacking forums are packed with people selling explicit photos and videos that can be used for blackmail. New analysis shows scammers are making up to $500,000 from the trade in just a matter of months.
By now you should know not to trust everything you see online. Despite being one of the internet’s oldest informal rules, the UK is seeing a growth in the number of sextortion cases. And new analysis reveals the people behind the blackmailing scams are making thousands of dollars through the practice.
Most organised sextortion scams look similar. A victim is approached through social media and after they establish a rapport with the attacker, the conversation turns sexual. When the victim has been tricked into taking off their clothes on a webcam, the chat turns.
The person the victim thought they were talking to wasn’t who they said they were. They demand money, with the underlying threat that if it isn’t provided the compromising footage or images will be released to family, friends and colleagues.
According to the UK’s National Crime Agency (NCA) there’s been an increase in reports of sextortion. The NCA received 1,484 reports of sextortion – or cyber-enabled blackmail with a financial motive – in the whole of 2018, as well as a further 241 without any financial motive. So far this year they’ve recorded 703 cases where people sought to profit, and a further 95 where money didn’t change hands.
“I think this is just the tip of the iceberg,” says John Branney, who works in the NCA’s anti-kidnap and extortion unit. “Very often victims feel embarrassed or ashamed – and criminals rely on that reaction in order to succeed.” Branney believes that “thousands of people in the UK are likely to be falling victim [to sextortion] every year.”
And in Australia, where Anastasia Powell of RMIT University has surveyed more than 4,000 people, one in ten people said they’d been threatened with the release of sexual images of themselves. Often these can be from former partners. “Less common were threats from unknown people,” says Powell. “Approximately 1 in 20 victims of a threat to distribute a nude or sexual image said it was from a stranger.”
Webcam scams where victims are tricked into exposing themselves often target men, researchers say. New analysis by academics at Madrid’s Carlos III University and the University of Cambridge’s Cybercrime Centre looks at the scale of the scam and how the con artists pull off their trick. Including the origins of the people conducting the scams and whether the characters used to con people are real.
eWhoring – the term used to describe simulating cybersexual contact to scam people out of money – has been around since 2008. But an analysis of more than 620,000 posts made by 73,000 individuals on popular hacking forums shows exactly how the scammers catch their victims.
“We were astonished from the very beginning,” says Pastrana. “eWhoring is the category on Hack Forums that gets the highest frequency of posts per month. The reason is it’s easy and I assume that dealing with the sexual desires of other people is a way to make good money. This is a business for them.”
Some of the posts on Hack Forums’ eWhoring subforum show just how normalised and businesslike the approach is to sextortion. A post advertising one guide has been viewed nearly 40,000 times. Users can buy it for $39.99 and receive tips on how to take advantage of victims. “YOU CAN EASILY EARN 150$-200$ PER DAY WITH EWHORING AND ITS MY PROMISE,” the author writes, including eight testimonials from people who have purchased the guide and profited.
The researchers analysed 4,000 threads offering so-called “packs” – collections of pictures and videos that can be used by scammers to try and convince victims that they’re talking to real people. For ethical reasons, the researchers didn’t buy any of the packs for sale, but instead viewed the packs some users offered for free.
They then ran the images – barring 36 images of child abuse found amongst the packs, which they passed on to the Internet Watch Foundation – through reverse image searches to try and identify their provenance. Unsurprisingly, a large number of the images and videos came from pornography websites, though a surprising proportion came from social platforms. “There are some techniques for doing this,” says Pastrana, who has studied some of the advice users gave their peers on the forums. “Just go to an Instagram account and find a good-looking girl, then start downloading their pictures. First you have to find clothed pictures, then nude pictures, and they have good knowledge on how to create these packs.”
A good number of the free packs contained duplicated images and videos. “Some people appear to use the packs for eWhoring, make money and then redistribute them,” says Pastrana. However, more premium packs are labelled as “unsaturated”, which means they contain exclusive images that haven’t previously been traded around the eWhoring world – making it less likely that people will cotton on to the scam.
The potential profits are huge, and users on eWhoring forums are keen to show off their successes: Pastrana and his colleagues analysed nearly 2,000 so-called “proof of earnings” images – where users posted screenshots of their Paypal or Amazon Gift Card accounts demonstrating the money they had extorted from victims who had exposed themselves on camera and were then being blackmailed.
More than 660 individuals who posted proof of earnings pictures raked in more than $500,000 (£400,000). One single user posted 46 images between March 2017 and December 2018 purporting to show more than $18,000 (£14,000) of income from victims. “Some of these people are making thousands of dollars, and this is just what they report,” says Pastrana.
Paypal and Amazon Gift Cards – the latter of which was the most frequent method of payment by victims – are used by the extorters because of their ease of use and lack of traceability. “Sometimes not everyone can get bitcoin, and having a Paypal account can be trackable,” says Pastrana.
“It’s clear that criminal gangs are making vast sums of money preying on the vulnerable,” says the NCA’s Branney. “What is of even more concern is the impact these demands have on some individuals. We know of at least five young men whose lives were cut short after they resorted to suicide because they felt it was their only way out. I have personally witnessed the devastating effect that sextortion can have on both the victims and in the more tragic cases, the families they leave behind.”
That’s something Powell has found, too. “Our research showed that the threat of not knowing whether, where or how your sexual images might be exposed, who will see them, and what the consequences will be, is very distressing to victims,” she says.
However, the majority of the users on the message boards Pastrana and his colleagues analysed seemed not to consider the human impact of their actions. “We understand that many of the users making a large amount of money started being interested in hacking boards or gaming, looking for Minecraft servers,” says Pastrana. “But as they grow older, they engage with eWhoring. They want to learn how to hack, but some of them want to learn to make easy money.”
Those involved also seem not to be sure whether what they’re doing is illegal or not, based on the conversations Pastrana has analysed. “Some of them reckon it’s illegal because you’re making money and not reporting your income or impersonating someone, but they don’t care,” he says. “They all agree that they will never be chased by law enforcement.”
Branney strongly disagrees with that. “The NCA, UK police forces, European and international law enforcement partners are working together to build a more accurate picture of the problem and of those responsible,” he says. “We want victims and potential victims to know how to protect themselves and understand what to do if targeted. Report it to your local police who will be able to support you. Remember, don’t panic, don’t pay, don’t communicate any more with the criminals.”