A large sextortion campaign is potentially targeting more than 27 million victims using a network of infected devices, otherwise known as a botnet.
Sextortion scams are a type of phishing attack which coerce people to pay a cryptocurrency ransom because they have been threatened with the potential sharing of damaging content – in this case, compromising photographs of the recipient.
The botnet is said to be reaching its victims at a potential rate of 30,000 emails per hour. The emails include personal details such as passwords in an effort to convince victims that the threat is real. In reality, these details have been gathered from existing data breaches.
The attackers threaten to release compromising photographs of the victims unless they pay $800 (£628) in the cryptocurrency Bitcoin.
Sextortion attacks are a particularly devious way of playing with people’s emotions.