‘Sextortion’ spam goes up… and profits go down

Credit: ID 22633027 © Skypixel |

So-called sextortion scammers have in the past made big bucks from victims who fall for claims in spam email that someone has compromising film or footage. 

Cisco’s Talos Intelligence malware researchers last year documented one group who’d made about $150,000 in two months using the scam after analyzing thousands of cryptocurrency wallets linked to a campaign whose sender was invariably “Aaron Smith”. 

But that was a year ago. Today, it seems, the scammers behind that campaign aren’t having as much luck hooking victims with bogus claims they have embarrassing content about the victim. 

The group in question built its sextortion mailing list from publicly available lists of breached email addresses and passwords. They then used large networks of compromised computers, largely in India, Russia, and Vietnam, to send about 250,000 spam messages to the targets claiming they possessed explicit videos of the person. The ruse back then was lucrative.      

Today, the “Aaron Smith” part of the group’s handiwork has gone and has been replaced with an email subject header that supposedly is the person’s username and password for a particular account. That’s the exact same subject header a scam group was using last year, which netted USD$250,000 in Bitcoin in a matter of weeks.