A warning about webcam (Skype) blackmail scams: SSO Alert Priority Moderate
Connect with Stay Smart Online
22 November 2013
Users of video services, such as Skype, should be aware of a variety of scams that may use footage and images captured without your knowledge, to blackmail you.
In one version, the scam originates from a dating website or social network site like Facebook. The scammer may pretend to be an attractive, potential partner and strike up an online relationship with you. It may take some time and seem extremely believable. Eventually, they may ask you to join a Skype (video) call with them.
During the video call the scammer may attempt to lead you into participating in intimate, sexual activity or nudity, which can later be used to blackmail you.
Scammers may use carefully prepared webcam images or footage of themselves which may initially seem flattering, but can increasingly become coercive and explicit. They steadily increase pressure on you to participate, which they record and later threaten to distribute online.
Other reports include the scammer manipulating the images taken, to make them seem worse.
The scammers may threaten to send compromising pictures or video footage of you to your friends, colleagues or family, or post it to your networks such as Skype contacts or Facebook friends. Others have threatened to post the footage to porn sites or YouTube.
What you may believe to be a highly intimate and private moment may in fact be watched by a room full of strangers. Some victims have been extremely distressed following this realisation, with tragic consequences.
In another type of webcam-based scam, malware installed on your computer can be used to operate your built-in webcam, recording images of you without your knowledge. This malware is known as a Remote Access Trojan or RAT and can remotely activate your webcam, at the same time, disabling your camera indicator light. These images can also be used to blackmail you.
What should you do?
As always, make sure your software and systems are up-to-date, and that you are using up-to-date security software.
Be aware that anything you do on the internet, including video and voice calls, can be recorded.
Never use your webcam to video call someone you do not know.
Be cautious about people you meet online. People you meet online may not be who they seem to be.
Revealing personal details online is extremely risky.
Be aware that this type of scam is blackmail and it is illegal. The scammers are breaking the law.
If you have been threatened, you should:
Block their emails and their accounts from all networks. Cease all contact with the scammer. Scammers often seek soft targets, so they may move on if you do not respond. Some victims have reported no further consequences once they blocked the scammer and ignored their demands.
Be suspicious of any new or unusual friend requests, for example, someone you thought you were already friends with on Facebook.
Save the scammer’s details, emails, comment threads or any other evidence you have of them and the extortion attempt. This can be done with screenshots or taking a photo with your phone.
If you think images or footage may be posted online (you can set up a Google email alert to look for this content every day), you can contact the host site to ask them to remove the files.
Contact your local police and notify them of the activity.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.