Fraudsters Pose as Corrupted CIA Agents to Conduct Porn Extortion Scams

Last updated September 25, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Scammers continue to pretend to be CIA investigators, as this has proven to work well in collecting money from people who are easily deceived. According to BleepingComputer, there's a new wave of CIA porn extortion scams utilizes password-protected PDFs, making these campaigns more believable and thus better yielding. The alleged CIA agent sends an email to the target, claiming that they have been monitoring your online activity as part of an ongoing investigation on underage pornography. By mentioning your name and claiming your association to the child porn scheme, they are asking for a fee in exchange of wiping your information from the case files.

cia_spam-email

image source: bleepingcomputer.com

The email message is accompanied by a PDF attachment which is password protected and requires the pass that is provided in the message content. The PDF message asks for a 1.4 Bitcoin payment that is the equivalent of $5000, suggesting the use of an online bitcoin exchange platform like the Coinbase, Bitstamp, or Coinmama. The crooks even set a deadline of a few days to put additional pressure on the victim, and urge the recipient not to contact them so as not to risk the “underground information wiping operation”.

cia_payment-instructions-pdf

image source: bleepingcomputer.com

Now, there are three categories of people who receive these emails. Those who identify them as spam and disregard them immediately, those who are afraid that somehow their name was mistakenly included in a CIA investigation and want to avoid possible reputation risks, and finally, those who are really involved in child pornography and think that CIA is genuinely after them. Although porn extortion scammers are not known for their peerless ethics, they could at least do something about this latter category by bundling the names of the people who paid the fees and sending them to the real CIA for investigation. That's just wishful thinking, but you never know.

If you receive an email claiming to be from the CIA, remember to stay calm and review the details carefully. Would a corrupted CIA agent send you an email with a PDF containing the CIA badge? Would the agent have any reason to take the risk of giving out his name (Braelynn Mentink) and position (in this case “Technical Collection Officer”)? Is the acquisition of your full name, list of your relatives, work and home address such a robust piece of evidence for someone to get their hands to in the age of social media and massive data dumps?

Have you ever received an email claiming to be a CIA agent who is ready to save you if you pay the price? Let us know in the comments section below, and don’t forget that you have the power to help us raise awareness of campaigns like this one by sharing it through our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: