Skip to content ↓ | Skip to navigation ↓

Extortionists have launched a new sextortion scam campaign that leverages a fake Central Intelligence Agency (CIA) investigation to try to scare users.

In an email I obtained from a wary user, the scammers pose as a fake CIA technical collection officer named Roxana Mackay. This character claims in the email that she’s found the user’s personal information including their home address, work address and a list of relatives along with their contact information in a document pertaining to Case #73519284, a fake CIA investigation which according to Mackay has arrested more than 2,000 individuals suspected of pedophilia in 27 countries thus far. She notes that she and her other CIA technical collection officers were able to obtain the user’s personal information through their ISP web browsing history, social media activity log and other data sources.

The attack email

As shown in the email above, Mackay tells the user that federal law enforcement will arrest the user on 8 April 2019 unless they agree to work with her. As quoted in the email:

I read the documentation and I know you are a wealthy person who may be concerned about reputation. I am one of several people who have access to those documents and I have enough security clearance to amend and remove your details from this case. Here is my proposition.

The fake CIA employee then instructs the user to send $10,000 in Bitcoin.

At this time, the Bitcoin wallet address associated with this campaign has not been involved in any transactions.

Screenshot of the status for the Bitcoin wallet address 32TNtjLdHEsfcoap5gL8PKVM3GzxupAQK4.

This isn’t the first sextortion email to surface in recent months. There have been no less than four sextortion scam campaigns over the past several months. That being said, this is the first publicly reported attack operation where sextortionists have recently posed as member of the intelligence community and demanded such a high ransom payment.

Users should never meet the demands of these types of extortionists. Instead, they should protect themselves by exercising caution around suspicious email attachments and links as well as install an anti-virus solution on their computers.