In brief

  • Sophos and CipherTrace have tracked the flow of money from sextortion scams.
  • The report found that the scams make just $100k a month.
  • A separate report revealed that crypto scammers’ profits have been hit by the coronavirus.

Sextortion scams appear terrifying. Out of nowhere, a stranger demands that you send them Bitcoin—if not, they’ll spread pictures of you pleasuring yourself.

Cyber security firm Sophos has tracked all the online sextortion campaigns it could find that took place between September 1, 2019 and January 31, 2020, working alongside crypto analytics firm CipherTrace to follow the flow of their ill-gotten Bitcoin. 

The good news is that it turns out these sextortion scams aren’t particularly lucrative; in the five months Sophos tracked the campaigns, hackers only made 50.98 BTC, or roughly $500,000 worth of Bitcoin, based on the average price of Bitcoin during the times of the transactions. 

Compare that to the $25 million heist last week by dForce last week ($24 million of which was later returned), or the $1 million taken from bZx’s Fulcrum protocol, and the half a million dollars earned by sextortion scammers appears paltry. 

“What a strange path we have come to, where we can go: ‘What a good thing that these guys, by just sending blackmail spam, are only making a hundred large a month’,” commented Paul Ducklin, Sophos’s Principal Research Scientist.

How many are involved in carrying out sextortion scams?

Given the private nature of crypto transactions, and since the barrier to entry is quite low, Sophos could not determine how many were involved in the attacks. “It could be one person who's kind of cornered the market, or it could be loads of people going, ‘I’ll have a bit of that,’” Ducklin told Decrypt

A separate report from Israeli cybersecurity firm Check Point found that a single campaign made $22,000 a month, in the five months prior to Sophos’s report.

Sophos found that many of the smaller Bitcoin accounts consolidated their funds into larger accounts. These larger accounts tapped into the wider online criminal economy. Many of the scammers’ wallet addresses were used for purchases on the dark web, such as stolen credit card data. 

Ducklin didn’t know whether the scams increased during the coronavirus. But a report this month from blockchain analytics firm Chainalysis suggests that some scammers are, in fact, losing money to the coronavirus.

Scammers lose out to coronavirus

According to the blockchain analytics firm, since early March, when COVID-19 began sweeping into the Western world, the weekly average amount collected from the two most lucrative types of scams—Ponzi schemes and investment scams—dropped by 33%, from $4.2 million to just under $2.9 million. These schemes make up 95% of all the crypto made by scammers.

But the reason isn’t that fewer people are falling for them—numbers have remained fairly constant—but rather that scammers are asking for the same low, flat amount (such as 0.2 BTC) from victims, even though the price of Bitcoin fell sharply last month.