CIA sextortion — an old scam with a new twist

June 7, 2019

What would you think if you received an e-mail with “Central Intelligence Agency — Case #45361978” in the subject line? Would you decide that someone, somewhere had seriously screwed up and accidentally sent you a top-secret file? Or that you’re being recruited for the secret services (well, you never know)? Alas, in either case you would almost certainly be mistaken — the e-mails in question are just another extortion trick.

A message, supposedly from the CIA, threatening arrest for possession of child porn and demanding a ransom

Accused by the CIA of pedophilia

The author of the e-mails that caught our experts’ collective eye poses as a CIA officer who has allegedly found the recipient’s details in Case #45361978 (relating to possession and distribution of child pornography, or so it seems). The “officer” states that the CIA is about to swoop in on more than 2,000 individuals suspected of pedophilia in 27 countries around the globe. The message implies that the recipient is accused of being one of them.

The scammer is kind enough to reveal the scope of the information the department has: apparently not only the victim’s name, phone number, and e-mail, but also home and work addresses and information about relatives (supposedly obtained from a range of sources, including ISPs, online chats, and social networks).

The cybercriminal allegedly has access to the case file and can help prevent arrest by deleting the compromising information. However, the victim will have to pay $10,000 in bitcoin for this. There’s not much time to mull it over — the first arrests are allegedly due to commence in a couple of weeks, and for the kind-hearted CIA employee to be of assistance, the money needs to be transferred within nine days.

Sample extortionate e-mail threatening arrest for possession of child pornography

Don’t believe the extortionists

Scam mailings accusing the victim of having a taste for pornography are nothing new. In most cases they concern legal porn, though, and the cybercriminals introduce themselves as hackers in their typo-infested messages threatening to expose your immoral habits to friends and colleagues.

Compared with regular sextortion spam, the “CIA” message is well-written, with grammatically correct, stylistically restrained language in a quite official-sounding tone. The scammers also took care of the layout: The message text is nicely formatted and easy to read, and the effect is amplified by the CIA emblem staring out from the screen.

However, just because the message looks more imposing doesn’t make it more true. Don’t be offended, but the CIA is unlikely to give a hoot about you. The scammers most likely found your e-mail address in a database leaked online, or even just came across it by chance.

Most likely, they have no information about you at all. Such messages are sent to thousands or even millions of people in the hope that just a handful will swallow the bait. Given the size of the ransom, if even a few victims pay up, it will have been worth the cybercriminals’ time and effort.

Don’t panic

If you get an e-mail seemingly from the CIA, the most sensible thing to do is trash it immediately. The likelihood that someone at Langley has you on their radar is infinitesimally low. However, if curiosity takes over and you do read it, our number one tip is not to panic.

  • Never pay scammers; that would only encourage the extortionists even more.
  • Do not respond to the e-mail, even if you really want to prove to the author that your name is in the “case file” by mistake. By doing so, you would be confirming that your address is valid and provoke an even greater wave of spam. For the same reason, do not try to troll the scammers.
  • Close the message and mark it as spam — this will help the spam filter to do its job better.