Extortion email scam demands ransom Bitcoin payment; uses QR code to provide address

Posted by Akankasha Dewan on 11 December 2019 10:53:26 AEDT

Extortion email scams have been on the rise lately, fueled by multiple data breaches that have leaked mass amounts of personal information. MailGuard intercepted an extortion scam on the 8th of December morning (AEST).

The malicious emails are infiltrating inboxes using varying display names and subject titles. The message body is in plain text that uses many unicode characters to avoid detection. It claims that attackers have obtained recipients’ passwords and have installed special software on their devices to record recipients when they are viewing adult content. The email threatens the recipient that the recorded video will be released unless a payment is made in Bitcoin. A Bitcoin address is given in the form of a QR code image.

Here is a screenshot of the email:

extortion bitcon 11121

This attack preys on a fear of humiliation and embarrassment to trick users. By telling victims that sensitive, personal and embarrassing information has been obtained, it evokes panic among users, motivating them to urgently provide the ransom money.

Scammers are attempting to blackmail me! Now what?

It is key to remember that this scam is fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia. This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you.

The password in the email is likely to be an old one. If it is still in use, we strongly recommend updating any service that may use the password.

To be safe, we also advise using unique passwords for every site you visit, and setting up 2-factor authentication where available.

Defend your inbox

Even the most experienced and savvy email users can have a moment of haste, carelessness or fatigue when their guard is down. Just practising good common sense isn’t enough anymore, because for scammers it’s a numbers game; they know that if they keep sending their scams, sooner or later we will slip up and do something we shouldn’t.

Extortion phishing scams can be enormously costly and destructive, and new scams are appearing every day. Don’t wait until it happens to you or someone in your business; take action to protect your inboxes, now.

For a few dollars per staff member per month, add MailGuard's cloud-based email filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates



Topics: Phishing brand exploitation brandjacking fraud ZeroDay spoofing fastbreak Microsoft Office 365

Back to Blog


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all