Category Archives: Extortion

Adult Content Extortion Emails…Again? Still?

We have seen a high number of emails that look like the one in the image below, but have various subject lines & a different MsgID number at the bottom. Everything these emails threaten is false, including the fact that they sent it from your own email account. The scammers are using a technique called email spoofing, which is the creation of a message with a forged sender address intended to mislead and/or prank the recipient about the origin of the message. This is very common in spam, phishing, & other scam messages. It is the equivalent of placing someone else’s return address label on a letter sent via the postal service.

We are able to block these emails based on the Bitcoin wallet addresses listed, but because they are sent from random email addresses from various free email providers we are unable to stop them all. Please continue to ignore these emails, but also feel free to forward them to abuse at baylor dot edu so that we may continue our efforts to block as many as we are able.

Sample Subject Lines:

  • No longer private!
  • Your friends will be shocked!
  • You dirty dog!
  • I got something from you!
  • You better read this!
  • Your chance!
  • Shame on you!

Scam Emails Asking If You Are On Campus/Available

The scam where you get an email that appears to come from your supervisor, dean, or another higher up at the university is not slowing down. The most common spoofed individuals are the University President, the Dean of the Law School, & the Athletic Director, but the scammers are also imitating department heads & others as well. In the case of these emails, please forward them to ITS via the Help Desk or abuse at baylor dot edu so that we can block that email address from sending to or receiving email from Baylor addresses. There is no danger to your system or the individual’s system that they are imitating as no actual hacking or unauthorized access has occurred.

Some tips to determine that the email is a scam:

  • the email is short, usually one or two sentences & it lacks proper spelling, grammar, capitalization, and/or punctuation
  • the sender’s email address may display the proper Baylor email address of the individual they are imitating, but if you right click & select ‘Open Contact Card’ or click the Reply button the actual address that you will see will NOT be an @baylor.edu email address
  • the sending email address might include baylor.edu but it will NOT be after the @ symbol, meaning it is NOT a Baylor email address
  • the scammers are copying signatures to make the email seem legit, so always verify the email address before replying
  • if they ask you to purchase gift cards for any reason & to send them the codes from the back of the gift cards, cease communication immediately & contact the Help Desk so that ITS can block that email address from communicating further with Baylor employees

Latest News

Instead of the click here to re-activate your mailbox from being permanently deleted or green boxes inviting us to view the entire message, we are seeing a bunch of the previously mentioned extortion scam emails & the ones that come from outside of Baylor but are pretending to be from leadership (your supervisor, deans, the athletic director, head coach, or even President Livingstone) inviting you to respond to an urgent request that cannot be handled on the phone because the sender is in a meeting that they cannot step away from. Although these may not be your traditional phishing emails, they are still scam emails & we wanted to highlight both of them here again. One thing you will notice, especially in the adult content extortion email – the spelling, punctuation, & grammar are odd. This is usually a sign that the email is being run through some sort of language translator & a big indicator that the email is a scam.

Adult Website Extortion Scam (this one is quite lengthy & uses some interesting spacing & line breaks…)

 

 

 

 

 

 

 

 

Fake Request From Leadership Emails (notice the @my.com email address, they have also used Gmail addresses in the past)