Sextortion Scams and Two Victims — Last week we heard two very sad stories from different victims of sextortion scams. Of all the types of scams we’ve exposed and written about, sextortion can be the most emotionally brutal and frightening for victims.  We know, for example, of two men who committed suicide because they thought that a sextortion scam targeting them was real.  It was not. Generally speaking, a sextortion scam happens when a criminal manipulates a victim to either share his or her own naked photos, or the criminal convinces the victim that he (or she) is complicit in receiving naked, or partially naked photos of a child. (Soliciting or having child pornography is a very serious crime in the United States.)  We want our readers to know that sharing nude, or partially naked, photos of yourself with anyone is EXTREMELY RISKY and can have severe consequences. Let’s unpack what happened to last week’s victims. (Please note that this story contains adult language and content.)

In the early evening of September 8, we received a frantic email from a middle-age man we’ll call Kevin (This is not his real name. We’ve also corrected some of his writing.) Kevin said…

“What should I do??? I got really scared today. A cute girl requested to be my friend on Facebook Messenger so after 45 min of talking she tells me she works at a CVS in Texas. We keep talking for a while and then 30 minutes later she says she just got out of the shower and she wants to video chat with me. She said she wants to see my nice cock so we get on the video call and she starts playing with her nipples and she says she wants to see my cock so I show her. Five minutes later she tells me that she is only 15! She also recorded a video of me. Now she says if I don’t pay her money, she will post that video and tell the police. I feel sick about this. What if she really is under age? I deleted her friendship on my account and told her she should be ashamed of what she did. Can i get in trouble?? She is blackmailing me now but i took screenshots of all our texts. Help please! I would never have condoned anything like this if she told me she was underage. Just thinking she was I started throwing up…..help!!!!!!!!!!”

There are many suspicious red flags that Kevin should have noticed, all suggesting that his new “friend” may not be what she claimed to be. Let’s start with the fact that it is HIGHLY unlikely for a young woman to send a friend request to a middle-age man she doesn’t know. The very first message she sent to Kevin was “I don’t know you but I like to meet new people so I added you so we can get to know each other better here if you don’t mind?” The young girl’s Facebook account is called “Hortencia, Morris” but her name also displayed as Kristen Hortencia. She claimed to live in Lubbock, Texas and work at a local CVS. Kevin commented that it sounded like a cool job and asked about her ethnicity. She ignored that question and asked him “do you live alone or with family?”

As their conversation turned sexual, Kristen said “I just took a shower I’m alone in my room tell me we can video chat here?”  She then said that her microphone wasn’t working. That’s total BS and another warning sign that things were NOT what they appeared to be! She also said “I’m excited we’re gonna have a good time and it’s gonna just stay between us, promise OK?”  Keep in mind that it was Kristen who turned the conversation to sex, saying that she hadn’t had sex in a while and was now alone at home in the shower. These are serious red flags that should have been a warning to Kevin. But he exercised poor judgment and continued with the video call, never considering that it could be recorded.

Kevin angrily responded that she was the one who had entrapped him and that this was blackmail. He said she was the criminal and not him. He said that she should be ashamed of herself and that he had all of their text messages showing her entrapment. Remarkably, Kristen’s response was to claim that she worked for the police and showed him a graphic from the US Department of Justice’s Office of Sex Offender Sentencing and Monitoring!

Rightfully, Kevin immediately blocked Kristen and did not pay her anything. When he blocked her, he also discovered that Hortencia, Morris, A.K.A. Kristen Hortencia, had another Facebook nickname.  She was using the name Kristen Montefalco. Over the years we’ve heard from more than 60 men who have reported this type of entrapment to us, some of which began as a Facebook friend request. In nearly every case, there were warning signs that were overlooked and in many of these cases the victim paid a ransom. In nearly all cases where a ransom was paid, the extortionist returned days or weeks later, asking for more money. In one case, a man paid more than $6000 over several months, until he simply stopped paying. Despite the threat, we do not recommend ever paying a sextortion scammer.

The other example last week concerned a young female friend of a man who contacted us for help. His friend, whom we’ll call Sung, is a 20-something year old and comes from a very traditional Korean family, we’re told. Apparently, Sung met a Korean man online and has had an online relationship with this man for a year now, but almost entirely through Google Chat. Sung said she talked to him on the phone or thru google chat once and it  sounded to her like he had a Korean accent.  However, Sung also emailed him in the Korean language and the man didn’t know what she said. We’re also told that they have never Facetime’d or had a video chat. He always had excuses why he couldn’t get on video.  Can you see major red flags that should have made Sung realize this man was likely a fraud?

Sung told her friend that the man is a Korean American doctor, a freelance contract engineer and orthopedic surgeon from Busan, Korea. For the last year, he said, he has been working in Kuwait. And, as you can guess, Sung has been sending this man money, though we do not know the reasons why. During the year of their relationship, they became intimate. This manifested in Sung sending naked photos of herself to this man.  We have also been told that, just recently, their relationship ended and the good doctor was now threatening Sung that he will share her naked photos with her friends and family if she doesn’t pay him more money! (We’ve been given this man’s name and email but choose not to publish it in order to better protect Sung’s real identity.) As you can imagine, this threat is deeply upsetting Sung and she’s “freaking out.” The scammer is still getting messages to her but, so far, she’s been ignoring him.

Since this “doctor” began threatening Sung, she now understands that he is a fraud, just targeting her for money. Her real friend, the man who contacted us for help, was “blown away” when he learned how long her online relationship had lasted and that she was “so convinced he was real.”  In total, Sung sent about $1,000 through cryptocurrencies to the bogus doctor. We advised Sung to do the following…

a) Take screenshots of any social media accounts this man has posted.  Copy/download any photos he has posted.  The reason is that they are likely NOT him, but are stolen and misused photos.  He is likely scamming others as well so it would be helpful to send us the screenshots and photos to investigate and then publish on Romance scam websites.

b) Immediately cut off all contact with this scammer. Block his numbers and email addresses and DO NOT respond to his effort to extort money.

c) DO NOT PAY this scammer any more money!  Our experience with this type of scam is that he’ll come back and demand more money…. until she stops paying.

d) Now the hard part… Sung should inform friends and family that she was victimized by an online romance scam and they **may** be contacted by him in order to pressure her to pay more. She doesn’t need to say anything about the photos. (It’s important to notify her friends on Facebook and other social media.)

There are many other helpful resources for victims, like Sung, to review online. Here are two from the FBI and U.S. Government FTC site:

    https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/romance-scams

    https://consumer.ftc.gov/articles/what-you-need-know-about-romance-scams

After a couple of days communicating with her real friend, we learned that Sung took all the steps we advised, but did not contact the police (or FBI) about this fraud. Our experience has also taught us that this scammer is very likely in another country and will, sadly, move on to find a new victim. Sung’s real friend then told us one more shocking bit of news. The “Korean Doctor” wasn’t the first online relationship that Sung engaged in. Apparently, since the start of the pandemic, Sung had started a relationship with four other men online but ended it when each asked for money! All five men had messaged her at the start through her Instagram account. The first few men wanted to send her a box of stuff (We have no idea what was in the box.), but Sung had to pay for it and refused. One of the men wanted Apple gift cards which she knew was a scam. As for this last man, Sung lamented to her friend that she doesn’t know why she did so much for him. Her real friend told her a year ago “this was a scam from day one. But she didn’t wanna believe me. No facetime or anything was a huge red flag. His pics on Instagram looked fake.” 

After learning about the other men who contacted her, we’re pretty confident that most of them, and perhaps all five, were the very same scammer using different identities to target her. We’ve seen evidence through our research about the Zimbabwe Romance Scammer that a professional romance scammer will target the same person over and over IF they have had any success in their effort along the way. Sung’s real friend told her NO MORE ONLINE RELATIONSHIPS! And he’s right. Thankfully, Sung will recover but the emotional trauma that she suffers is real, knowing that a low-life, nasty scammer possesses naked photos of her. No doubt, she will regret that mistake for many years.

(In our final communication with Sung’s friend, we learned that the scammer has been trying to contact Sung through her work email but she was able to get her IT department to block those emails.) 

Geek Squad Email Scams – Have you recently received a suspicious email that appears to have come from Geek Squad? Whatever it says, there’s a very high chance that it’s a scam! Stay away from scams using this FREE, all-in-one tool!

Offers from Kenya, England, Argentina and Elsewhere… – OK Readers, it’s time to see how scam-smart you are! Scamadviser has created a short quiz for you to test your knowledge of scams. It’s called the ‘Global Anti Scam Championship Quiz.’  You might even win a prize! Good luck!

Scammers are relentless and the sheer number of them means that many of us are being targeted over and over to the point where it feels NORMAL to keep reaching for the delete key, or swiping and deleting on your phone, or choosing not to answer a call identified simply as “United States,” or answering and immediately hanging up.  We’re bombarded and exhausted by it all! Can you remember a time when scam calls, emails, texts and social media posts/ads were actually infrequent? It feels like that was 2002, not 2022! Joining this scamological cacophony has been a growing number of “legitimate” offers and contacts that appear to have lots of credibility issues, and therefore are suspicious. Here are a few lovely examples, starting with a bizarre WhatsApp message that we received from a random number in Kenya!

The wa[.]me link at the bottom of the message simply pointed to opening an online chat with someone at the phone number: 202-951-9699 (Whatsapp provides this online service so that people can chat through a website.)

Here are a couple of other emails with serious credibility problems related to LOCATION! Since we’ve already invited you to take the Scamadviser quiz above, we’ll offer another teaser quiz and ask if you can find the 2-letter country codes in the emails below to figure out where these emails came from.  When, for example, someone tells you that he is the Chairman of a bank in London, but chooses to send you an email from a server in South America, THAT is a credibility problem!

Finally, we believe it is a serious credibility problem when someone contacts you from one email address but then asks you to reply (and sets the REPLY-TO address) for a different email address! Also, please notice that Robert Brian claims to represent an Investment Group but chooses to use a free Gmail account instead of a business email account! Also, his email came from an account called “eli.bea” at enstuff[.]com. Enstuff[.]com is a domain that is for sale and not in use!

FOOTNOTE: Recently, we’ve heard from a woman who received money unexpectedly via Venmo and wondering why and if this is a scam. Yes, it is!  Check out this well-written article from Consumer Affairs about this scam.

Yahoo Email, Amazon, and Paypal – Lots of phishing scams target people’s email services, including Yahoo.  Check out this bogus email sent to us by someone who didn’t even have a Yahoo account!  “Hi User” shouldn’t give anyone confidence that this is really meant for you!  The link to update your service pointed to a phishing scam on a free website at Square Site! Deeeeleeeete!

A Real Email Versus Fake Email From Norton Services – We have shared dozens of bogus phishing emails with readers that appear as invoices for Norton products like Norton’s Life Lock. It’s time we shared a REAL Norton email with you and pointed out with confidence WHY this is legitimate!  This real Norton email is notifying people to beware of scams disguised as Norton. (It’s about time!) Notice that the email came from “secure.norton.com.” “Secure” is a subdomain and the REAL domain follows it, separated by a period: norton.com.  That’s what you should expect to see at the end of the FROM address. But MORE importantly, all links point to Norton.com!  As it should appear, the norton.com is seen immediately in front of the first single forward slash!  That’s correct!  Now look below at a malicious email disguised as Norton!

This phony invoice was sent via the legitimate service called Quickbooks, by Intuit. And the link to “View Invoice” points to another service called Sendgrid!  It didn’t come from norton.com and links do NOT point to norton.com!  Equally important…where is your personal information? Is your name “Sir/Mam”???

Beware of a Malicious Mimic – Cam Versus Com –Talk about credibility problems! We received this lovely offer from Carolina Kelluna, who claimed to be a sales representative from Honeywell International, Inc. Honeywell is a big US company that has been around for decades! Their website is honeywell.com.  We couldn’t help but notice that Carolina wanted us to reply to this email by contacting her at honeywell[.]cAm, not DOT-com!  While Honeywell.com was registered in the United States in 1988, honeywell[.]cam was registered 44 days ago in Iceland using Namecheap! Hmmmm…. No thanks, we’re good!

Amazon Account Limited –This text, sent by one of our readers, is completely bogus! It came to her from a strange email address (notice at the top of the text) AND the link to restore your Amazon account points to a website called kulgreen[.]com! Does that make any sense at all? Yeah, we didn’t think so either. Delete!

Until next week, surf safely!

Copyright © 2021 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
have subscribed to it via Scamadviser.com or thedailyscam.com

Keurenplein 41, UNIT A6311  |  1069CD Amsterdam, The Netherlands

Contact Webmaster