Cyber Security Center

What is “Unfortunately, there are some bad news for you” email scam


The generic sextortion email campaign “Unfortunately, there are some unpleasant news for you” threatens to publish a private video of you viewing pornography if you refuse to pay $1750 in Bitcoin. It’s a classic example of the recent influx of sextortion emails that threaten to publish users’ private videos that don’t actually exist. While the email may seem alarming at first sight, it’s nothing more than a scam that you can ignore. There’s no malware on your computer, nor do malicious actors have a private video of you.

 

Unfortunately, there are some bad news for you scam email

 

Recent years have seen an increase in sextortion scam emails, with new campaigns appearing regularly. They all follow a similar pattern and hence appear to be nearly identical, although they’re probably being operated by different scammers. They start off by intimidating users with claims like “I have obtained access to your device” and “I have recorded several kinky scenes of yours and montages some videos”. The malicious actor behind this scam also mentions that they were able to steal users’ contacts and threaten to send them the private video if they do not agree to pay $1750 in Bitcoin to one of the provided wallet addresses.

As is typical for sextortion emails, this “Unfortunately, there are some bad news for you” email scam is written in broken English. In the awkwardly-written email, the scammer explains that they were able to buy access to your email account, which supposedly allowed them to install a trojan virus onto all devices that are used to access the email. Once the supposed trojan was installed, the malicious actor was able to take control of the device, thus allowing them to turn on/off the microphone and camera. From there on, they were supposedly able to access your messages, emails, social networks, contact lists, etc. Finally, the malicious actor claims that they were able to montage a video of you watching adult contact. The nonexistent video is supposedly a dual video of you on one side and the video you were supposedly watching on the other.

The scammer gives you 48 hours to pay $1750 to one of the provided wallet addresses. Otherwise, they will supposedly send the video to all your contacts and publish it online. While these claims may seem alarming, they are complete nonsense. There is no trojan on your computer, nor is there a private video of you. You can ignore this email completely.

There are many different variations of these types of emails. One of the more convincing ones is the sextortion emails. Some of the more absurd ones have scammers suggesting that if a payment is not made, an assassination hit will be carried out on the user. Another campaign warns that if money is not transferred, a bomb will go off at the user’s place of employment. During the COVID-19 pandemic, there were even emails suggesting that the users and their families will be infected with the virus if they do not pay. There’s really no limit to how ridiculous these emails can get. Fortunately, they are very rarely effective as users recognize the ridiculousness. But the sextortion emails are somewhat successful in some cases, as money has been transferred to the scammers’ accounts.

Why did you get this sextortion email?

Sextortion emails, including this one, usually claim that the reason users receive the emails is that their computers are infected with a trojan and their email accounts have been hacked. In reality, what happened was your email address was leaked and bought by scammers from a hacker forum. Malicious actors purchase thousands of email addresses from various hacker forums and then proceed to use them for malicious purposes. You can check which service has leaked your email address and how many times on haveibeenpwned. If you got one sextortion email, you’ll likely get more of them because your email address is part of collections of data sold on various hacker forums.

In some cases, scammers go a step further to trick users by including users’ passwords. When users see their passwords in such emails, the email becomes a hundred times more convincing. In users’ minds, how else would the sender have the password if not because they hacked users’ computers? In reality, scammers are able to obtain the passwords the same way they get the email addresses, from hacker forums. In some cases, when a service is hacked, users’ passwords can get leaked if they’re not properly secured. So if your password was leaked, it’s not difficult for scammers to just include it in a sextortion email. If your password was actually included in a sextortion email, and you still use it, you need to change it immediately. Keep in mind that passwords should be unique for all accounts, no matter how insignificant. Your passwords should also be complex and made up of upper and lowercase letters, as well as numbers and symbols. Using a password manager may be a good idea.