Unmasking Empty Threats Scams: How to Spot and Defend Against These Scams

Protect yourself.

Empty threat scams are a common tactic used by scammers to create fear and urgency in their victims, ultimately aiming to extort money or personal information. These scams often lack any substantial evidence to support their claims, relying solely on intimidation and psychological manipulation. Despite their seemingly threatening nature, there are several key indicators that can help people identify these scams and protect themselves.

Generic and Vague Language: One of the first red flags is the use of generic and vague language in the message. Scammers send out mass emails or messages, making it impractical to personalize each one. As a result, they may use broad terms like "your account" or "your data" without specifying any details, such as the account name or specific information they supposedly have.

Absence of Specifics: Scam messages often lack specific details regarding the supposed breach or illegal activity. They may state that they have access to your account or personal data, but they won't provide any evidence or concrete proof of their claims. A genuine organization or authority would typically provide more information about the issue at hand.

Urgency and Fear Tactics: Scammers rely on urgency and fear to pressure their targets into taking immediate action. They may threaten to take legal action, involve law enforcement, or permanently block your accounts if you don't comply. By creating a sense of urgency, they hope to bypass logical thinking and elicit a quick response.

Request for Payment in Cryptocurrency: Often, scammers will demand payment in cryptocurrency, such as Bitcoin, as it provides a degree of anonymity for them.

To protect yourself from such scams:

• Do not contact them, don't ask for proof, if they had it they would have provided it.

• Stay calm and don't let fear drive your actions.

• Avoid clicking on any links or downloading attachments in suspicious messages.

• Install and update reliable antivirus and anti-malware software on your devices.

• Enable two-factor authentication for your online accounts to add an extra layer of security.

• Report any suspicious messages or emails to relevant authorities or organizations.

Remember, scammers thrive on creating panic and confusion. Being vigilant and cautious can help you avoid falling victim to their empty threats and keep your personal information and finances secure.

Here is an example email

Greetings!

I have to share bad news with you. Approximately a few months ago, I gained access to your devices, which you use for internet browsing. After that, I have started tracking your internet activities.

Here is the sequence of events:

Some time ago, I purchased access to email accounts from hackers (nowadays, it is quite simple to buy it online). I have easily managed to log in to your email account.

One week later, I have already installed the Cobalt Strike "Beacon" on the Operating Systems of all the devices you use to access your email. It was not hard at all (since you were following the links from your inbox emails). All ingenious is simple. :).

I also have no issue at all with making them available for public access (leaked and exposed all data).

General Data Protection Regulation (GDPR): Under the rules of the law, you face a heavy fine or arrest.

I guess you don't want that to happen.

Let's settle it this way:

You transfer 620 USD to me and once the transfer is received, I will delete all this dirty stuff right away. After that, we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me. I keep my word.

That is a fair deal, and the price is relatively low, considering that I have been checking out your profile and traffic for some time by now. If you don't know how to purchase and transfer Bitcoin - you can use any modern search engine.

You need to send that amount here Bitcoin wallet:

bc1q7a969ewch07pqp2uy65dn8j529jzat8y56mcc4

(The price is not negotiable).

You have 2 days in order to make the payment from the moment you opened this email.

Do not try to find and destroy my virus! (All your data is already uploaded to a remote server).

Do not try to contact me. Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

This is an APT Hacking Group. Don't be mad at me, everyone has their own work.

I will monitor your every move until I get paid.

If you keep your end of the agreement, you won't hear from me ever again.

Everything will be done fairly!

One more thing. Don't get caught in similar kinds of situations anymore in the future!