Email Scams Now Coming with Death Threats As FBI Issues Global Warning

“If you try to screw me, I will post your info - your home address, your mug shots on the dark web offering a reward for the first person to reach you,” the email threatened. It arrived in December, along with a ransom demand.

“I will notify members of MS13, negros [sic], the Aryans, or whoever is out there providing special services,” it continued. “There will be an open season and it will get ugly one way or another. God bless America, this country has so many nut jobs ready to do anything for some extra cash.”

The recipient, a businessman who owns a number of web domains, did what most people do with spam, and ignored it. Four days later, the sender looped in the man's wife. Seven days after that, his daughter was added to the email chain, which now included more specific threats.

“She lives in LA, right?” the emailer tried again. “Now think, how ignoring me will help from encounter with some Salvadorian animal. Or a white trash. You still don't take my words seriously, thinking I'm bluffing? Looks like you are a gambler and willing to gamble, otherwise I can't explain why you're willing to risk your relatives.”

Bizarre scams and cyber hijinks have become the norm for anyone with an email account, but death threats are creeping into inboxes, egged on by the rise of cryptocurrencies like Bitcoin and the availability of personal data on social media networks.

Call it, "Nigerian prince 2.0"—a potentially deadly version of phishing and spamming that overwhelms most everyone's inboxes. It's become a global phenomenon, targeting people as far away as Australia. In late December, the FBI started asking victims to report the emails through its internet crime websiteciting a “recent increase in people reporting e-mail threats​.”

“This is just beginning and it’s getting much more complex,” said Jeff Moulton, who runs Louisiana State University’s Transformational Technology and Cyber Research Center.

The recipient of the email threats published above, whose name Newsweek is declining to publish because of security concerns, happens to be a friend of Moulton’s, who quickly tasked some of his cyber experts to find out about where the emails were coming from.

GettyImages-876647658 Hackers are using information from social media networks, like Facebook, to make threats much more personal and more effective. LOIC VENANCE/AFP/Getty Images

Moulton’s team was able to track the email by digging into the invisible data that follows every message, known as the "header," through a Swiss server to China. The experts could route the message to a specific network in China, although they have doubts that the emailer is from China, as he or she may simply be using China's systems for cover. After that the trail goes cold.

Access to Bitcoin and other untraceable crypto currencies make such threats more common, according to Moulton. Police have been warning about the death threat emails, in communities like Radnor, Penn., Richmond, Va., and San Francisco.

“It’s very hard for someone to get a sack of cash, it’s a whole lot easier in the digital world to make that transaction occur, it’s just a click,” Moulton said.

Bitcoin has gained notoriety for its massive value spikes, and even large investment groups toying with how to take advantage of the interest in the currency. It’s designed to allow the anonymous transfer of money, which is why it’s become a particular favorite of those looking to make illegal sales online, helping drug markets and other illicit deals take place in the underbelly of the internet.

Sometimes the threats are for bodily harm, and sometimes the threat is personal embarrassment. An email might arrive saying that the recipient’s personal photos have been hacked, and a small Bitcoin payment can prevent them from being sent to family and friends.

Most people get many unsolicited spam emails, and have become increasingly immune to simplistic scams, so attackers are including more and more personal information, often mined from social media networks, to try to make their attacks feel more real.

“Social media is certainly a big part of this,” said Johannes Ullrich, dean of research at the SANS Technology Institute. “Facebook and LinkedIn is being harvested. It’s easy and it’s effective, that’s the combination that they’re abusing here.”

Attackers like to include as many details as possible, like the names of friends or favorite destinations in a home city, the types of things that people increasingly post to social media accounts.

The FBI's December warning says that the threat emails are mentioning loved ones and other specifics in an effort to "take advantage of your emotions and trust."

Once they’ve sufficiently scared a victim, it’s all about extracting as much money as possible. Ullrich said that while the death threats can be terrifying, the release of embarrassing information tends to be the most effective ransom tool.

“Most of the death threats people shrug off and don’t think much about it,” he said, noting that the success rates in his experience tend to be well below one percent.

Moulton and Ullrich have differing advice on what to do if you are the target of a death threat. Ullrich notes that there’s no evidence of this type of anonymous internet death threat leading to an actual murder, while Moulton said that because of the nature of the threats a recipient should seek out the help of the FBI.

“It’s Russian Roulette—you don’t know when that one bullet is going to be real,” Moulton said.

The number of threats, however, paired with the fact that they’re typically very difficult to trace, means that there’s often little recourse for a victim, and the FBI can’t possibly investigate every email.

The FBI has been warning of threats via email since at least 2006, but the frequency and specificity of the threats has skyrocketed in recent years, according to experts. Back in 2006 the FBI was advising recipients to ignore the emails. Now, while still saying that there isn't any real risk to peoples' lives, the bureau is asking that each threat be reported.

"We recommend anyone who has fallen victim or believes they have been targeted by this scam, file a report with IC3 at ic3.gov," Nora Scheland, an FBI spokeswoman, told Newsweek.

Moulton also warned that while direct monetary payouts are often the target, they objectives do at times vary. He’s seen threats focused on getting access to domain names or other digital things of value, and is concerned that it might become a tool for broader blackmail in the future.

“Imagine if this was happening with a member of Congress, whoever the voting member is, who wants to keep things quiet,” Moulton said.

Join the Discussion