Is AfricGold legit or a scam?

Recently our intelligence team came across AfricGold (https://africgoldm.com/) which claims to be a mining platform. Their websites say “AfricGold is a Gold-backed digital mining application designed to be a highly secure platform design for future miners. Start mining and achieve the highest level of Hashrate.”

AfricGold lists a four-step process to use and earn money from their platform:

Buy a membership pinCreate accountStart MiningGet mining output

Their FAQ section has some interesting questions and answers, for the purposes of this investigation, we will review two of such questions and answers.

In respond to the question Will it crash? They write ‘It would never crash because there would always be enough funds to mine and earn. Units of gold supplied daily is prior to how much profit the platform makes daily. However, it’s a decentralized platform. You MINE, EARN, and withdraw as you wish.

To apprise these claims, we begin with the question which cryptocurrency is being mined? From what is written on the website it seems to be a virtual currency called AFGold. Their websites states “AFRICGOLD is a dual-purpose platform made up of subsidiaries that provide an opportunity to utilize AFGOLD Virtual mining technique, which is intended for evaluating mining revenue and as well as conversion of AFGOLD units to real word money and cash out as at when due.”

Mining AFGOLD units means that AfricGold has its own blockchain. But no mention of this or evidence of this is on its website, or whether the mining is done via proof-of-work or proof-of-stake method. We note that the writeup on the website is very vague.

The second thing in their FAQ that caught our attention was the question “After registration, what will I do to earn? And the answer to this is “AFRICGOLD is a dual-purpose platform, it’s either you mine to earn or earn through affiliate marketing.

Let us for the sake of argument grant that AfricGold has its own blockchain where AFGOLD is being mined, they next question would then be how does someone earn money after mining AFGOLD? What makes bitcoin and other cryptocurrencies profitable is their current value. Profit comes from selling the cryptocurrency and deducting the cost of mining. But what value has AFGOLD? It is not even listed in any exchange. Hence, the only way any money is being made here is through referrals, what they craftily term “affiliate marketing.” This setup is a pyramid scheme masquerading as a crypto mining offering. We offer more evidence of this hypothesis below.

When one visits the website of AfricGold, a noticeable feature is a pop-up notification on the lower left-hand corner of someone having referred or started mining on the website. See the screenshot below.

A perusal of the source code for AfricGold’s website revealed that this notification is not a live notification but pre-loaded. All the names and places have already been pre-loaded into a JavaScript code that varies the output at random once you visit the website to deceive you into thinking it is a live notification and that people are really using the website. Below is the screenshot of the code and a snippet as found on the website.

<script type=”db3bf75b8afc87d0e363df04-text/javascript”>

$(document).ready(function() {
$(‘#notification-1’).Notification({
// Notification varibles
Varible1: [“David”,”Jack”,”Olivia”,”Samuel”,”Thomas”,”William”,”Adam”,”Dylan”,”Luke”,”Matthew”,”Ethan”,”Nathan”,”Archie”,”Oscar”,”Lucas”,”Isaac”,”Tom”,”Gabriel”,”Reuben”,”Sean”,”Jude”,”Leon”,”Tanaka”,”Sasaki”,”Kimura”,”Yamada”,”Hayashi”,”Ogawa”,”Lisa”,”Grete”,”Sandra”,”Anna”,”Kati”,”Stacy”,”Jane”],
Varible2: [“Ikeja”,”Lagos”,”Kaduna”,”Kwara”,”Delta”,”Ghana”,”Cameroon”,”Makurdi”,”Uyo”,”Eket”,”Awka”,”Enugu”,”Kebbi”,”Jos”,”Kogi”,”Nasarrawa”,”Kebbi”,”Lokoja”,”Abia”],
Varible3: [“registerd”, “started mining”, “referred”],
Amount: [100, 50000],
Content: ‘[Varible1] from [Varible2] has just [Varible3].’,
// Timer
Show: [‘random’, 5, 10],
Close: 5,
Time: [0, 23],
// Notification style
LocationTop: [false, ‘5%’],
LocationBottom:[true, ‘5%’],
LocationRight: [false, ‘5px’],
LocationLeft:[true, ’10px’],
Background: ‘#252c40’,
BorderRadius: 5,
BorderWidth: 3,
BorderColor: ‘gold’,
TextColor: ‘white’,
IconColor: ‘orange’,
// Notification Animated
AnimationEffectOpen: ‘fadeInUp’,
AnimationEffectClose: ‘fadeOutDown’,
// Number of notifications
Number: 100,
// Notification link
Link: [false, ‘#’]

});

});

</script>

From the code snippet, you can see the name “Hayashi” among variable1 and the place “Eket” among variable 2 and “referred” in variable 3, all three are in the screenshot of the pop-up notification above. This shows conclusively that the pop of notification is just a tool to deceive.

A further study of the source code revealed a connection to two other websites. The first, BittALAT (bittalat.com) is an exact replica of AfricGold. See screenshots from the about section of BittALAT and AfricGold for comparison.

About BittALAT
About AfricGold

The second website Ravetok (ravetok.com) though having a fresh design still has the same content with AfricGold. One of the blog posts on the website even still has AFGOLD written in it.

In conclusion, we recommend that you stay away from AfricGold, BittALAT and Ravetok as they are the same entity, an outright swindle masquerading as a cryptocurrency mining opportunity.

The post Is AfricGold legit or a scam? appeared first on #NoGoFallMaga.

Operations Security (OPSEC) for Scam Prevention

Operational Security (OPSEC) is a term that has its origins in the military. The US Department of Defense defines it as a “method of denying critical information to an adversary.” This is the act/action of identifying critical information/intelligence that needs to be protected from falling into the wrong hands (enemies, potential enemies or even members of one’s own military corps). OPSEC has a wide range of applications as it can be adapted to organizational and business processes and be used by individuals as well.

In today’s chaotic world, we as individuals (civilians) also need to be able to maintain security in our daily lives, whether it is in relation to ourselves, our family, or our work. Maintaining security involves protecting critical information such as National Identification Number (NIN), bank details or BVN, medical information and even travel destinations. Adopting the OPSEC method can aid us in keeping these important assets safe from people who would look to do us financial harm (in this case scammers, hackers, and fraudsters).

Understanding the five-step operations security process

OPSEC Awareness – securityawareness.usalearning.gov

The thrust of the OPSEC process is identifying what you need to protect, analyzing threats and weaknesses that might impact it and then producing countermeasures to eliminate or lessen the impact.

Step 1 – Identify Critical Information. This first step is important because not all information has the same value, as such applying the same security measures to all information without distinction would be a waste of resources. For instance, the password to your mobile banking app is worth more in value than the password of an email account you rarely use. The best way to recognize critical information is to ask yourself the question “What information if it were to fall into the hands of fraudsters would cause me the most harm?

Step 2- Identify Threats. After cataloging your most critical information assets, the next step is to identify threats. A threat is something that has the potential to cause harm. Identify those who might exploit the information exposed in step 1 and what uses they might put it to.

Step 3 – Analyze Vulnerabilities. Vulnerabilities are weaknesses others can exploit to cause you harm. Vulnerabilities can exist in the way you interact with critical information assets or as critical information indicators. For the former, you would need to look at how you interact with the critical information identified in step 1 and how an adversary might exploit this process. As for critical information indicators, these are small portions of information that when put together can supply insight into an individual’s activity. For instance, taking a picture with your work badge, posting about traffic from your work route and company events when put together can give a good picture of your work life.

Step 4 – Assess Risks. Risk is the likelihood that an adversary will exploit your critical information and thus have an impact on your activity. Assessing risks is the activity of assigning countermeasures to vulnerabilities based on the level of risk these vulnerabilities possess.

Step 5 – Apply Countermeasures. Once you have discovered risks in step 4, then you can apply countermeasures to them. Countermeasures are activities designed to lessen or eradicate the impact of a risk by mitigating a threat or vulnerability.

Distilling the OPSEC process for scam prevention

While it might be necessary to walk through all the steps of the OPSEC process for business and organizations, individuals are free to adapt and use some of the steps as they see fit. We recommend that individuals identify critical information and review their actions to see how they might be inadvertently exposing such critical information or its indicators. A practical example of this would be your bank account details. Exposing such online under a giveaway post can be harvested by a tech savvy scammer who might then go ahead to send you a phishing email using the logos of your bank and account number. Below are several common ways critical information or its indicators are often exposed.

The Use of social media. Ovesharing and the careless use of social media is one of the major ways people mistakenly expose information about themselves. Activities like taking pictures of where you work, posting about your activities e.g., going to lunch and using location tagging features reveal too much about your movements. As a result of such actions scammers can easily check your activities, know your social connections, and even track your physical location. All this information can be used to craft a scam specifically targeting you. Also, social media users often reveal the names of their spouse, siblings, pets, favorite words, birthdays, all of which can be used by hackers to build a wordlist for a brute force attack.

Online Resumes and CVs. Posting your Resume or CV online is another way you can give out information to adversaries. These documents have work histories, skills, certifications, hobbies, and sometimes other information which can be used to set up a social engineering attack.

File Metadata. Metadata is simply data about data. Files such as images, videos and documents have metadata such as timestamps, version of software and device used in creating them, and owner information at the point of creation or when they are edited. Exif data which is metadate for videos and images can include camera settings and GPS information. Such files are often shared without removing metadata thereby leaking critical information.

Email Address and weak passwords. An email address can reveal a lot about a person, especially when the same email address is used to register on assorted services. There are several tools available on the internet that can list all the services to which a particular email address was used to register, from this a hacker or fraudster can enumerate the digital footprint of the owner and plot an attack. Another way emails can leak sensitive information is if they were part of a data breach. This occurs when cybercriminals compromise a website offering a service and obtain the emails and passwords of those who registered on the website. Since people often use the same email and passwords for numerous services, cybercriminals then use this information to compromise other accounts belonging to the victims on other services and obtain sensitive information.

Information revealed through interactions. Another way sensitive information can be leaked is through conversations, criminals can position themselves in places their targets are known to frequent in the hopes of eavesdropping on conversations. Other tactics can include fake questionnaires/surveys with some questions designed to elicit personal information and making phone calls impersonating reputable companies with a view to obtaining sensitive information.

In conclusion, keep in mind that operations security is all about keeping valuable information about yourself from those who will use it to do you harm. You will have to categorize information to know that which is enormously important and demands protection and then take the necessary steps to protect it which include not acting in ways that might reveal such information or its indicators.

The post Operations Security (OPSEC) for Scam Prevention appeared first on #NoGoFallMaga.

Defending Against Malware

What is Malware?

The term malware has been defined and described in many ways over the years, McAfee defines malware as a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service, or network. But in short terms, malware is malicious or ill-natured software.

Cybercriminals typically use it to extract data that they can use as leverage over victims for financial or other gains. That data can range from financial data to healthcare records, to personal emails and passwords – the possibilities of what sort of information can be compromised is ever increasing.

Types of Malware

There are diverse types of malware, some bare close similarities while others do not. According to Cisco, there are seven major malwares while Norton lists ten, but Up Guard tabulates twenty-two malwares which include those mentioned by Cisco and Norton. Below are the most pervasive and recognized.

1. Computer Viruses.

A virus is a type of malware that, when executed, self-replicates by changing other computer programs and inserting their own code. When this replication succeeds, the affected programs are said to be infected. Viruses need user interaction before they can become active, this action can vary from running a program to clicking a file to unpacking an attachment.

Virus writers use social engineering and exploit vulnerabilities to infect systems and spread the virus. Microsoft Windows and Mac operating systems are the targets of most viruses that often use complex anti-detection strategies to evade antivirus software.

2. Computer Worm.

A computer worm is a self-replicating malware program whose primary purpose is to infect other computers by duplicating itself while still being active on infected systems.

Often, worms use computer networks to spread, relying on vulnerabilities or security failures on the target computer to access it. Worms always cause at least some harm to a network, even if only by consuming bandwidth. This is different to viruses which almost always corrupt or modify files on the victim’s computer.

While many worms are designed to only spread and not change the systems they pass through, even payload-free worms can cause major disruptions. The Morris worm and Mydoom caused major disruptions by increasing network traffic despite their benign nature.

3. Trojan Horse.

A trojan horse or trojan is any malware that misleads users of its true intent by pretending to be a legitimate program. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy. Trojans are spread with social engineering such as phishing. For example, a user may be tricked into executing an email attachment disguised to appear genuine (e.g., an Excel spreadsheet). Once the executable file is opened, the trojan is installed.

While the payload of a trojan can be anything, most act as a backdoor giving the attacker unauthorized access to the infected computer. Trojans can give access to personal information such as internet activity, banking login credentials, passwords, or personally identifiable information (PII). Ransomware attacks are also carried out using trojans.

Unlike computer viruses and worms, trojans do not generally attempt to inject malicious code into other files or propagate themselves.

4. Rootkits.

A rootkit is a collection of malware designed to give unauthorized access to a computer or area of its software and often masks its existence or the existence of other software. The rootkit does this by replacing the internal system files that run the operating system. Rootkit installation can be automated, or the attacker can install it with administrator access. Access can be obtained by a result of a direct attack on the system, such as exploiting vulnerabilities, cracking passwords or phishing.

Rootkit detection is difficult because it can subvert the antivirus program intended to find it. Detection methods include using trusted operating systems, behavioral methods, signature scanning, difference scanning and memory dump analysis. Rootkit removal can be complicated or practically impossible, especially when rootkits reside in the kernel. Firmware rootkits may require hardware replacement or specialized equipment.

5. Ransomware.

Ransomware is a form of malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware spreads through phishing emails, malvertising, visiting infected websites or by exploiting vulnerabilities.

Ransomware attacks cause downtime, data leaks, intellectual property theft and data breaches. Ransom payment amounts range from a few hundred to hundreds of thousands of dollars. Payable in cryptocurrencies like Bitcoin.

6. Keylogger.

Keystroke loggers or system monitoring are a type of malware used to monitor and record each keystroke typed on a specific computer’s keyboard. Keyloggers are also available for smartphones.

Keyloggers store gathered information and sends it to the attacker who can then extract sensitive information like login credentials and credit card details.

7. Fileless Malware.

Fileless malware is a type of malware that uses legitimate programs to infect a computer. Unlike other malware infections, it does not rely on files and leaves no footprint, making it challenging for anti-malware software to detect and remove. It exists exclusively as a computer memory-based artifact i.e. in RAM.

Fileless malware emerged in 2017 as a mainstream cyber threat but has been around for a while. Frodo, Number of the Beast and the Dark Avenger were all early fileless malware attacks. More recently, the Democratic National Committee and the Equifax breach fell victim to fileless malware attacks.

Fileless malware does not write any part of its activity to the computer’s hard drive making it resistant to existing anti-computer forensic strategies to incorporate file-based whitelisting, signature detection, hardware verification, pattern-analysis or timestamping. It leaves little evidence that can be used by digital forensics investigators to identify illegitimate activity. That said, as it is designed to work in-memory, it generally only exists until the system is rebooted.

8. Adware.

Adware is a type of malware designed to put advertisements on your screen, often in a web browser or popup. Typically, it distinguishes itself as legitimate or piggybacks on another program to trick you into installing it on your computer, tablet, or smartphone.

Adware is one of the most profitable, least harmful forms of malware and is becoming increasingly popular on mobile devices. Adware generates revenue by automatically displaying advertisements to the user of the software.

9. Spyware.

Spyware is malware that gathers information about a person or organization, sometimes without their knowledge, and sends the information to the attacker without the victim’s consent. Spyware usually aims to track and sell your internet usage data, capture your credit card, bank account information, or steal personally identifiable information (PII).

Some types of spyware can install added software and change the settings on your device. Spyware is usually simple to remove because it is not as nefarious as other types of malware.

10. Crimeware.

Crimeware is a class of malware designed to automate cybercrime. It is designed to perpetrate identity theft through social engineering or stealth to access the victim’s financial and retail accounts to steal funds or make unauthorized transactions. Alternatively, it may steal confidential or sensitive information as part of corporate espionage.

11. RAM Scraper.

A RAM scraper is a type of malware that harvests the data temporarily stored in-memory or RAM. This type of malware often targets point-of-sale (POS) systems like cash registers because they can store unencrypted credit card numbers for a brief period of time before encrypting them then passing them to the back-end.

12. Cryptojacking.

Cryptojacking is a type of malware that uses a victim’s computing power to mine cryptocurrency.

13. Hybrid Malware.

Today most malware is a combination of existing malware attacks, often trojan horses, worms, viruses and ransomware. For example, a malware program may appear to be a trojan but once executed it may act as a worm and try to attack victims on the network.

14 Polymorphic Malware

This type of malware is a highly targeted malware written to infect specific systems. It is capable of rewriting or adjusting its code to evade detection until it reaches its end target or the factors necessary for it to execute are present. Fortunately, due to its sophistication this type of malware is very rare.

How Malware is Spread – Methods Used by Malicious Actors to Distribute Malware

We might not be able to protect ourselves from every potential malware threat. However, our understanding of approaches used by hackers would aid us in reducing our risk of infection. Malware can spread in many ways, but these are the most common methods by which users expose themselves to malware risks:

1. Phishing Emails.

This seems to be the most common method for malicious actors to spread malware. These malicious actors have become incredibly skilled at crafting emails that trick users into clicking on links or downloading a file that contains malicious code. These Emails may appear to come from trusted sources such as the user’s bank, the postal service, or trusted contacts within the user’s own list.

These phishing emails come in all shapes, sizes, and colors but one thing they have in common is a sense of urgency. If you receive an email that you think is a phishing email, you can block it in your spam filter and then delete it.

2. Social Network Spam.

This is relatively a new method for malicious actors to spread malware. This occurs when people browse social sites, looking at pictures or videos shared on a social site, when clicked, it takes users to a fake YouTube page that requests the user to download an online tool needed to watch the video. Often these online tools give access to malicious actors to gain access to the user’s computer.

3. Website (Drive-By Downloads from a compromised website).

Malicious actors spread malware by designing websites that aim at exploiting system vulnerabilities, human error, and common sense. Users see a pop-up ad warning them against a virus and prompting them to rid the virus by clicking a link, once they click the link, a virus is installed in the host system.

These vulnerabilities can arise from out-of-date apps, missing operating system patches, or browser plugins. If a weakness is found, it is used to infect the user system with malware.

4. Remote Desktop Protocol.

This is a connection protocol that enables a user to connect to another computer over a network connection. Malicious actors use automation tools to scan the internet looking for computers that are open to RPD. Afterward, the malicious actors make attempts to guess a username and password to gain access to the remote computer. Other times, these malicious actors buy the username and password from the dark web. Once they gain access, they can do whatever they want which includes installing malware.

5. Malvertising.

Malvertising, a portmanteau of malicious advertising, is the use of advertising to spread malware. It typically involves injecting malicious or malware-laden advertisements into legitimate advertising networks and webpages.

Advertising is a great way to spread malware because significant effort is put into ads to make them attract users to sell or advertise a product. Malvertising also benefits from the reputation of the sites it is placed on, such as high-profile and reputable news websites.

6 Browser Hijacker.

A browser hijacker or hijackware changes the behavior of a web browser by sending the user to a new page, changing their home page, installing unwanted toolbars, displaying unwanted ads or directing users to a different website.

7. Malicious Mobile Apps.

Not all apps available through the App Store and Google Play are legitimate. That said, the App Store is safer due to better prescreening of third-party apps. Malicious apps can steal user information, attempt to extort users, gain access to corporate networks, force users to view unwanted ads or install a backdoor on the device.

8. Rogue Security Software.

Rogue security software tricks users into thinking their system has a security problem such as a virus and entices them to pay to have it removed. In reality, the fake security software is the malware.

Malware Defense strategies

The best form of defense is to implement actions that mitigate against the above listed strategies that malware authors use to spread their creations.

Practice Good Cyber Hygiene. Do not click links whether in emails, social media, or social messaging application except you specifically requested for it and trust the source. Same for email and file attachments.

2. Make sure you have an anti-malware application on your device that periodically runs scans for malware.

3. Install all security updates and patches for your device without delay.

4. Use an end-point firewall, some of these products have a browser guard that can check websites you visit and at once block malicious websites.

5. Disable Remote Desktop connection and do not install remote connection applications on your device.

Conclusion

Finally, there is no security method that is 100% foolproof, always make sure you have critical data backed up to an external device or cloud storage, so in the event you have a malware infestation that is proving difficult to remove, you can wipe the device and start all over again.

Contributors:

Archibong JeremiahFortune AndrewEgbetola Sola

The post Defending Against Malware appeared first on #NoGoFallMaga.

Sextortion: Defending Against Digital Blackmail

What is Sextortion?

Sextortion is the practice of blackmailing victims with the threat of exposing sexually explicit images, videos, or information about the victims’ sexual orientation via cell phones or other digital media unless the victims pay up or engage in more sexual acts. The sextortionist often threatens to share the sexual contents relating to the victims with friends, colleagues, or close relatives of the victims and/or social media platforms, if they refuse his/her bid.

Sextortion, according to the Federal Bureau of Investigation (FBI), is a serious crime that occurs when someone threatens to distribute your private and sensitive material if you do not provide them with images of a sexual nature, sexual favors, or money.

Sextortion is part of a larger continuum of image-based sexual abuse (IBSA), which includes crimes such as revenge pornography and non-consensual sexting, in which sexually explicit images are used for harm.

Methods of Sextortion

The practice of sextortion can take the following forms, namely:

Catfishing

This occurs when a sextortionist poses to be someone by creating fake accounts on social media or dating sites (an incredibly beautiful lady or rich and handsome guy) thereby arousing the interest of the victim towards building a relationship, etc. The impostor through this tactic lures the unsuspecting victim into releasing some sexually explicit videos or images or performing some sexual acts while on camera. These pictures and videos the sextortionist would later use as a leverage to extort either money or sexual favor from the victim with the threat of exposing same if the victim does not agree to his/her demands.

Email Phishing Schemes

This employs the use of social engineering tactics by the sextortionist to perpetrate his illicit act. In this scenario the sextortionist sends an email to a target (the mail could be directed to thousands of recipients), claiming to have gotten access to explicit images or videos belonging to the recipient and threatening to disseminate same if the recipient does not agree to his demands. Such emails often with the recipient’s password (harvested from data breachers) as proof of access.

Hacked Social Media Accounts

This is the hacking of the social media account of a victim to source for sexually explicit images or chats. The sextortionist then threatens to make these contents public if the victim refuses to comply with the sextortionist’s demands.

Hacked Webcams

This involves instances where the sextortionist plants malware onto the victim’s device by tricking him to download a file containing such malware. Once there, the malware can allow the sextortionist to take control of cameras and microphones and install keyloggers which enables the monitoring of the victim’s every move around the computer. Also, through keyloggers, the sextortionist can discover and access the credentials for all the victim’s accounts.

Sextortion by Ex-lover or Close Associate

The crime of sextortion can be perpetrated by someone familiar with the victim such an ex-lover or a friend. Here, the sextortionist tries to blackmail the victim into continuing the relationship or providing them with more sexual contents or sexual favors using the victim’s sexually explicit images or other sexual contents in their possession as an undue advantage.

How to avoid being a victim

With the rise in the use of social networking platforms, and virtual meetings due to the COVID-19 pandemic, it is easier to make friends with strangers online now than it used to be. You could meet a random stranger in one zoom meeting and the next thing, you are friends on Twitter or already exchanging emails. This increase in the use of remote viewing applications and the subsequent increase in the time spent online has increased the risk of sextortion. Here are some tips to keep you safe.

Remember, what gets on the internet stays on the internet. The best protection is not to create sexually explicit material of yourself in the first place. Before making a sexually explicit image or video, think about the consequences that would result if it were leaked online.Keep your private life offline, do not be quick to have intimate video calls with random strangers. You can never tell who is on the other side of the computer. The same thing goes for photos, do not share files anyone can use to rope you in.

Learn to disable your webcams when you are not using them. This tip is useful during video calls, webinars, and other similar instances.If you must use dating websites, do not lower your guard – do not be quick to move the conversation off the platform or exchange images/videos that could be used to blackmail you.Treat all email attachments with caution – you do not want anyone to plant malware on your PC, do you? Ensure you do not open email attachments from suspicious email addresses.Use of Two Factor Authentication and strong passwords to secure your social media accounts.

Actions to take if you are being blackmailed with nudes

Talk to someone

If you have someone who you trust and feel comfortable opening up to, such as a parent, sibling, reach out to them. You might feel embarrassed but talking to someone will help. They might be able to provide you with support and advice. You can also consider reaching out to a mental health professional, such as a counsellor. They can talk through what happened to you, help you to find ways to cope when you are feeling overwhelmed, and support you as you deal with the situation.

Keep a record of their communication

Write down as much information as you can about the threat or multiple threats. If they have threatened you over text, make sure to take screenshots as evidence. If someone overheard or saw the person threatening you, take note of their name and contact details. They could be witnesses if you decide to take legal action.

Report the Crime

Never cooperate with someone who is trying to blackmail or extort you, quickly report to law enforecement authorities.

Conclusion

The problem facing victims of sextortion is the inability to report such cases like this to the relevant authorities due to fear of castigation and prolonged public ridicule. Once faced with issues like this, and the pictures or files are being distributed online, the police should be notified, or a lawyer’s advice should be sought on the next line of action to be taken. If the person follows through with the threat and shares the images, make sure to keep looking after yourself as best you can. Contact individuals or organizations that specialize in the removal of explicit contents from the internet.

Contributors:

Izuchukwu Paschal UgwuSubomi LawsonSolomon Nwabueze

The post Sextortion: Defending Against Digital Blackmail appeared first on #NoGoFallMaga.