Students receive ‘sextortion’ scam email

By Ivanka Perez     11/19/19 10:25pm

Hackers sent “sextortion” scam emails to 68 students in the past three weeks in which they threatened to release inappropriate videos, according to Marc Scarborough, Rice’s chief information security officer. 

In these emails, the attacker threatened to release students’ personal information to all of their contacts unless they sent $720 to the sender within 36 hours of opening the email.

“I injected my code to this device and I started to monitor your activity,” the attacker wrote in the emails. “My first idea was to block and encrypt your files. And [then] I would ask for a small fee to release them back. But [then] one day, You visited some dirty websites. You know what I mean naughty thing. And I silently activated your front camera and recorded You. Yes! You were playing with yourself. What a funny video.”

---

---

The name “sextortion” refers to threats of releasing videos or personal information, usually related to pornography, according to Scarborough. 

“These particular scam emails take it a step further by claiming they have recordings of unflattering webcam feeds and internet activity, usually involving pornography,” Scarborough said. “The goal of the scam is to extort a payment to prevent this embarrassing information from being released to friends, family, professional colleagues and other people in the recipient’s contact lists.”

Scarborough said that students receiving these emails should disregard these threats. According to Scarborough, these types of scam emails have become increasingly common.

“An attacker uses online databases of exposed usernames, email addresses and passwords in an attempt to trick people into believing their accounts and computers have been hacked,” Scarborough said. 

Will Rice College senior Maya Pai was one of the students who received the scam email. Pai said that when she saw the subject line of the email, which suggested her email was hacked, she was worried because she had previously been targeted in a recent breach of the textbook rental and homework help company Chegg. The breach resulted in over 130 Rice email addresses and passwords being exposed. 

Pai said that once she opened the email, the wording of the email made the threats seem false, but she was concerned that the email appeared to be sent from her own email address.

“It says … [that they] sent this email from your own email, which means [they] have access to your account,” Pai said.

However, Scarborough said the sent address doesn’t indicate that the student’s email address was hacked, and was likely modified as part of the scam.

“The ‘From’ address in an email is changeable in most email clients like Thunderbird, Apple Mail and Outlook,” Scarborough said. “The ‘From’ address is like the old ‘Return Address’ on a postal letter; the person sending the letter writes their own return address on the letter.”

According to Scarborough, the Office of Information Technology has received reports of this scam email since around Sept. 23, with the last report coming in on Nov. 6. 

Nicole Koonce said she received the same email two days after Pai received hers.

“I wasn’t completely surprised by the content of it since I had already read [Pai’s],” Koonce, a Will Rice senior, said. “I was a little stressed at first about getting the email since I thought I would have to reset all my passwords.”

Scarborough recommends reporting any suspicious emails to the Information Security Office and the OIT. 

Scam emails can be reported to the Information Security Office at https://oit.rice.edu/security-incident, or to the OIT help desk at helpdesk@rice.edu or 713-348-4357 (HELP).

---