Pay up or else – What is Sextortion?

The rise of encrypted social platforms

Whereas it’s good to have end-to-end encryption, This protects your personal chat data, BUT also protects the hacker's data. They will share links with noobs. It’s hard for authorities to infiltrate these chatrooms and investigate breaches

Key to note:

• Very poor cyber security culture

• There biggest cause of sextortion is weak platform/ device security.

• People use similar passwords across multiple platforms.

• They don’t read through their email (especially the fine print)

• Poor organisation security

• Over-reliance on public WIFI in offices

How will they obtain your data or private content?

• The “complicated way” spammers will deploy a collection of botnets (A compromised network of computers) from a remoter server/s.

• These compromised/ infected devices will then send out over 1000 emails a day to other devices on compromised networks or with malware.

• A hacker or “sextorter” will share a booby trap file that you’re enticed to open. Once you click on a link, usually spam mail, malware will be installed on your devices, devices. This will grant the hacker remote control of your devices.

They’ll get access to your webcam, search history, bank details, location, email calendar, cloud storage, etc.

• Be careful with screen recorders, these are now available on app stores and some are pre-installed on smartphones, IOS and Android.

Key insight:

Malware exists in over 20% of web spam, and this is more often or not in emails Malware is available online on the dark web or in chatrooms.

• Catfish account direct messages (DMs): We are in the era of trolls, parody accounts, and online the catfish.

These accounts will pretend to be female/ male and what they will do is share only fan's links or links to their sensual content on other 3rd party platforms. People who are into that kind of content will click on these links and eventually get their data breached.

The other way that this is happening is through DMs that they send you, asking you to share a video of you pleasing yourself or an image of you nude.

“If you don’t respond or send, I am going to please someone else”

What to do in the case of sextortion?

• DON’T CREATE COMPROMISING CONTENT

• Don’t send more photos in the scenario that you’re being blackmailed

• When you’re being blackmailed in this way, never give them the money

• Inform authorities immediately

• Reach out to someone with knowledge on how to deal with online data breaches

• Change your password regardless

Victims are less likely to report outside of their inner circle.

It’s not always about the money.

Sometimes it is Revenge Porn, these are scenarios of relationships or rejected advances from men and women

It is a form of sexual assault, the victim is constantly used for sexual favors

Who are the easy targets?

Online users with weak security

Public figures

Some examples: TV Presenters, Musicians, Actors, CEOs, MDs, News Anchors, socialites, etc

Why are they easy targets?

Public figures have public lives.

Their personal data is almost easy to find; Location, Phone number, Email address, could have been leaked online. These compiled only the web servers.

Their platforms and data is managed by relatives or friends. These people usually don’t have the technical knowledge to foresee attacks or even know how to retrieve stolen accounts

What type of content will be used to target you?

• Account Verification links

• Advertisement links

• Job offers

• Emails that contain Malware; SOS mail and the famous Nigerian prince

• WhatsApp links

• Clickbait

• Stream links

• Web meeting chats

• Links shared on public streams

• APK files shared on software sites

How to prevent some of these;

• Two-factor Authentication apps

• Sequence your passwords.

• Avoid Public WIFIs unless you have good platform security

• Pay attention to your email text, READ it DON’t Click it. Especially emails claiming to verify the account, complete login

• DON’T DOWNLOAD THINGS FROM PEOPLE YOU DON’T KNOW

• Have an extra layer of security; use backup codes, face login, fingerprint, voice activation

• Avoid random WhatsApp groups; activate invite from non-contacts

• Remove auto video or Image download

• Consult as much as possible, build a knowledge base on cybercrime

• Avoid redeemable campaigns that are driven by link sharing mechanics

• Be careful with Promo codes

• Get into a culture of secure backups

• Format your drive/ card whenever you sell or lose a device

• Tape your webcam

What are some of the consequences of sextortion?

• Jail time for the attacker.

• Loss of money from victim or organisation.

• More cybercrime

• Suicide for the victim

Article information:

Research on this subject has been something of interest to me since I joined media. Many friends reach out for help after such attacks.

I have been collecting data from a series of cases I have personally handled and consultation from security agencies like CID, forensics organisations, and data provided by security firms in Africa.

Among the people I have helped who have faced such attacks are Samson Kasumba, Douglas Lwanga, Ndaula Stanley, MC Ollo, Catherine, Martha Kay, Anita Fabiola.

Food for thought

The Internet was designed to be an open highway of information, for it to be secure seems contradictory to its nature.

Useful links:

https://respect.international/sextortion-infographic-from-a-survey-of-1631-victims/

About Danze Edwin

Danze Edwin is currently the Head of Digital Marketing at Next Media Services. He is a radio show host and TV Host on NBS TV’s on Another Round Ug.

He’s worked for various brands such as The Sylvia Owori, African Woman Magazine as a social media manager, Digital Manager at Fireworks Advertising, Brainchild Burson Marsteller in 2017 he joined NBS Television as the Head of Digital Marketing.