They Know Who You Are
Some time ago, a few identical emails from fictional individuals landed in my spam inbox. I normally do not pay much attention to spam, but the subject line of these particular emails caught my eye, because it was:
My Real Name, My Real Address, My Real Phone Number.
The email was a cyber extortion, addressed to me personally, and it went like this:
“REAL NAME, I know that calling REAL NUMBER or visiting REAL ADDRESS would be an effective way to have a word with you in case you don’t act. Don’t even try to escape from this. You have no idea what all I can do in YOUR REAL TOWN. I suggest you read this message carefully. Take a minute to relax, breathe, and really dig into it.’Cause we’re about to discuss a deal between you and me, and I ain’t playing games. You do not know me but I know EVERYTHING about you and right now, you are thinking how, right? Well, you’ve been treading on thin ice with your browsing habits, scrolling through those videos and clicking on links, stumbling upon some not-so-safe sites.”
The scammers then proceeded to inform me that they installed a malware on my device that recorded what I was supposedly watching on those unsavory sites and used my camera to record me as well, and now they are ready to send this video to all my contacts which they also hacked – unless I pay them $2k in crypto currency.
At this point I had to laugh, because:
- I know I do not visit such websites for moral reasons, and even if I wanted to, I could not, because our Guardian router stops this garbage from getting into our family’s WiFi network and reaching me or my kids
- They could not record me on my camera because it is always covered by the privacy camera cover.
No dirty secrets, sorry. My life is really quite boring.
Privacy is Dead
I knew the cyber extortion was a phishing scam, a version of the well-known Nigerian extortion scheme, and yet initially it made my skin crawl. Whoever these criminals are, it looks like they know too much about me – or do they? Not really, because the claims of the letter are false. What they actually know is my identity, which has probably ended in their possession after one of many data security breaches for which the big companies apologized in their official letters, assuring me that they are “monitoring the situation carefully”. So much for that.
The truth of the matter is that for many of us our real names, addresses, phone numbers, social security numbers, and bank accounts have ended on the dark web for the bad actors to use against us in nefarious ways.
We can uproot our family and move to a different house, change our phone numbers and credit cards – and it is only a matter of time when the new information will be stolen again, because with increasingly sophisticated AI technology all the Internet locks can be broken.
The reality is – our privacy is dead. Now what?
Which One of Us is Without Sin?
Once my rational brain came back online, I realized the accusations of the cyber extortion scheme were ridiculous because they did not apply to me. I do not go to “adult” sites. My router protects my kids and anyone on our family WiFi network from coming across questionable content – even accidentally. The worst I could be accused of is watching romance movies – but that is hardly blackmail material.
Another claim of the scammers – that they recorded me inside my home – is also untrue, because in my home there are no cameras around – no Amazon Alexas, no Google Homes, no Nest, no spying smart vacuums. That’s intentional. The home is a sanctuary, I don’t have to share it with Big Data. The cameras on my devices are covered with privacy sliders, so even if anyone hacks into them there is nothing to see.
Harnessing Fear
Yet, the blackmail spam was rather genius because its potential victims are legion. I wonder if its creators have given their AI the task prompt that went something like this: “write the most scary and effective blackmail letter that would generate the conversion rate of X”. Here is another excerpt:
“Been keeping tabs on your pathetic existence for a while now. It is just your hard luck that I got to know about your bad deeds. I gave in more time than I probably should’ve investigating into your life. Extracted quite a bit of juicy info from your system, and I’ve seen it all. With simply a click, I can send this video to all of your contacts. I feel your worry and confusion. I can’t even fathom the humiliation you’ll face when your colleagues, friends, and fam check it out.”
The text harnesses fear, which is the most effective way to manipulate behavior. It threatens to expose our most shameful secrets to our loved ones, so that we would lose our tribe as everyone rejects us – which was the equivalent of a death sentence in prehistoric times. The words are deviously selected to activate our survival instinct. Paying off the blackmailer becomes a matter of life and death in the brain that is sent into fight-or-flight panic mode. Powerful stuff.
Scams like this are produced on a mass scale and are automatically distributed to tens of millions of people across the globe, and they would only become worse over time as AI learns to create custom messages exploiting fears of specific individuals derived from their digital footprint. There will always be a small percentage of people who would get scared and pay up – the conversion rate. Because no one is without sin. Many do visit questionable sites and sit in front of their cameras as they consume “content”. When it comes to us fallible humans, “all have sinned and have fallen short of the glory of God” (Romans 3:23, The Bible). We are all guilty of something, and the scammers count on it.
So what can we do to protect ourselves? Let’s look no further than the blackmailers’ letter itself for prevention tips.
Keep Your Life Clean
If we have nothing to hide, they can’t hurt us. Technically, they could take our family Christmas portrait and generate pornographic content featuring us as a star, and it would look real, but why go through all this trouble when there are already so many other people who incriminate themselves online? So avoid pornographic websites, or if it’s an addiction you struggle with, use a service like Covenant Eyes.
Don’t take, post, or seek questionable pictures or videos – of yourself or others. Nothing is private on the Internet, so the rule of thumb is: “If you don’t want your grandma to see it, don’t do it.”
Minimize Your Digital Footprint
Unfortunately, the less we say online, the safer we are. Freedom of speech is a luxury we can no longer afford. With a large enough audience, someone would always find offense with the most neutral remarks – and goodbye college admission or the job. Already, that someone is not a human we could argue with, but an algorithm that is tasked with selecting job candidates or giving out loans. So we better keep our political opinions to ourselves, and remain silent, for everything we say can and will be used against us – algorithmically and forever.
Keep Your Home Dumb
As much as it depends on us, we need to protect our privacy. Every smart home gadget is a Trojan horse of surveillance. With inadequate data privacy laws and frequent data breaches, cameras and microphones in our living rooms are simply not safe. No matter how magical they seem, the risks are not worth it. Another prevention tip is to go into the settings of every app and device we use, and turn up privacy settings to the maximum – which usually means turning off default settings which are never in our favor.
There is an app that could email the companies on our behalf demanding that they do not track, use or sell our data – Permission Slip, made by Consumer Reports. It works like an official legal request to the business to reclaim our privacy rights.
Security Freeze - Protect Your Money
Another wise prevention tactic is to place a security freeze on credit ratings at all 3 major credit bureaus – Equifax, Experian, and TransUnion – to make sure identity thieves do not take out credit in your name. Identity protection services do this for a fee, but you can do it yourself for free. If you plan to take out a loan in the future, you would need to contact them again to have the security freeze lifted temporarily.
When Cyber Blackmail is Real
Finally, what is there to do on the off chance the blackmailers decide to go through the trouble of exposing our secrets – potentially, to scare future blackmail victims into compliance, especially if the matter explodes on the news? First, we should go to the police to catch the bastards, second, we should come clean with a public apology and ask for grace and forgiveness. It’s not the end of the world. Many a politician went through this and survived. People will forget and move on to the next scandal. Some would even feel compassionate, because we all have secrets. We are all human, no one is perfect, and that’s ok.
