Fairfield Police Department Warns Residents of ‘Sextortion’ Phishing Scam

FAIRFIELD — Chief Christopher Lyddy and the Fairfield Police Department would like to warn residents of recently reported “sextortion” phishing scams and remind residents of important safety tips regarding scams.

In recent weeks, the Connecticut Intelligence Center (CTIC) has received reports of “sextortion” phishing scams from citizens throughout the state. The scam often involves victims receiving an email from a purported hacker claiming to have hacked their computer and filmed them watching pornography. The scammer then threatens to forward the material to all of the victim’s contacts unless the victim pays a Bitcoin ransom.

The email received by the victim oftentimes addresses the victim by name and references one of their passwords, often in the subject line. It is believed that the “sextortion” scam is particularly convincing because scammers have been able to get a hold of legitimate usernames and passwords of the victim. CTIC reports that the passwords used in these scams have been obtained from large data breaches that were leaked onto the web. The victim’s computer was not actually hacked. This information may be old, but using real usernames or passwords that the victim has used at one time makes the scam seem more believable.

Fairfield Police would like to advise residents that the most important thing to do if you receive an email similar to this, is to never pay the ransom.

Additionally, if the password emailed to you by the scammers is a password you currently use for any type of account, stop using it and change it immediately. The Federal Trade Commission (FTC) offers information on creating strong passwords and enabling two-factor authentication.

Fairfield Police would also like to provide the following tips to help residents avoid email phishing scams: 

  • Never respond to the email.
  • Don’t open emails from people you don’t know or don’t expect an email from. Pay close attention to the subject line, email address and grammar as these are often preliminary ways to tell that an email is a scam.
    • The email addresses used in this “sextortion” campaign were comprised of 10-15 randomized characters @outlook.com. Furthermore, the Bitcoin addresses used had three asterisks inserted somewhere in the start of the address, in an effort to avoid automated detection or analysis.
  • If an email, email attachment or link seems suspicious, do not open it, even if antivirus software indicates that it is safe.

To help people protect themselves from similar scams which can also be carried out via phone, text or social media, the (FTC) offers several tips, including:

  • Do not take calls from unknown numbers.
  • Do not share personal, identifying information like Social Security numbers, account numbers, or mother’s maiden names.
  • Be wary of callers who talk quickly and pressure you to make a decision quickly.
  • Do not send cash by messenger, overnight mail, or money transfer. If you pay for a product or service with cash or a money transfer, you run a risk of losing the right to dispute fraudulent charges.

Any Fairfield resident who believes they have been contacted by a potential scammer, or who believes they may have been a victim of such a scam, should contact the Fairfield Police Department at 203-254-4800.