What kind of email is "YouPorn"?
After examining this "YouPorn" email, we determined that it is fake. There are several variants of this spam mail, all of which are a twist on sextortion scams.
The general through-line is a false claim that the recipient has been identified in sexually explicit content recently uploaded to the YouPorn website. The emails offer several payment options for removal and future re-upload prevention.
It must be stressed that all the claims made by these letters are bogus, and this mail is in no way associated with the actual YouPorn site.
"YouPorn" email scam overview
We inspected a "YouPorn" spam email variant with the subject "Urgent: Uploaded content notification". It informs that YouPorn's AI-powered tools have detected the recipient featured in sexually explicit content. This a security measure, as the distribution of non-consensual images/videos is against YouPorn's policies.
If the content was uploaded to the platform with their consent, the recipient is not required to take any action. After seven days, the content will be made available for the recipient's review, as well as that of the website's users.
However, should that not be the case, the letter lists possible removal options. Some variants of the "YouPorn" scam emails offer free removal, yet when a recipient attempts to select this option – they are redirected to their browser's homepage since the link is empty. Hence, victims are forced to look into the options that require payment, which vary between the email versions.
The one we investigated offered a $199 choice that includes "basic express removal, blocking, and protection against re-uploading" for twenty websites on YouPorn's partner network. The $699 option, dubbed "Plan A", combines the previous features but expands them to three hundred sites and provides protection for a year. While "Plan B" costs $1399, it is a three-year option that includes "Plan A" and implements facial recognition tools to facilitate content blocking.
The payments are accepted only in Bitcoin cryptocurrency, and the process is automated – so there's no need for interaction from the recipient's side.
As mentioned in the introduction, all the claims made by these spam emails are fake. Furthermore, this scam mail is in no way associated with YouPorn or any other legitimate services/entities. Therefore, these letters pose no real threat to recipients.
Victims of this scam experience financial losses, and they cannot retrieve their funds due to the practically untraceable nature of cryptocurrency transactions.
|Name||"YouPorn" sextortion email|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Fake Claim||Explicit content featuring the recipient has been uploaded to YouPorn.|
|Cyber Criminal Cryptowallet Addresses||1DzWf1Y9nDKPgmc2em37KRjYePPmWggRce (Bitcoin), 13HA6EVfvTPidW3xv5Tp88WRvH96QtB3XV (Bitcoin)|
|Symptoms||Unauthorized online purchases, changed online account passwords, identity theft, illegal access of the computer.|
|Distribution methods||Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.|
|Damage||Loss of sensitive private information, monetary loss, identity theft.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Sextortion spam campaigns examples
"Specialized Hacker Succeeded In Hacking Your Operating System", "I Will Be Direct You Watch Adult Content", and "You Could Be In Trouble With The Law" are just a couple examples of classic takes on the sextortion scam.
Spam emails like "YouPorn", i.e., ones claiming that explicit content depicting the recipient has been uploaded to legitimate platforms, are relatively new in comparison to mail from supposed hackers stealthily recording compromising videos or law enforcement issuing fines, threatening legal action/ charges for viewing/possession of illegal pornographic material.
It is worth mentioning that various scams are promoted through spam, e.g., phishing, callback, tech support, inheritance, lottery, etc. Deceptive mail is also used to proliferate malware.
How do spam campaigns infect computers?
However, some formats may require additional actions to initiate malware download/installation processes. For example, Microsoft Office files need users to enable macro commands (i.e., editing/content), while OneNote documents require them to click on embedded files or links.
How to avoid installation of malware?
Due to how prevalent spam mail is and how well-made it can be – we strongly advise caution with incoming emails, PMs/DMs, SMSes, and other messages. Attachments or links present in dubious mail must not be opened, as they can be malicious.
We recommend using post-2010 Microsoft Office versions since they have the "Protected View" mode that prevents automatic macro execution.
Since malware is not distributed exclusively through spam mail, we also advise downloading only from official and trustworthy sources.
Another recommendation is to activate and update programs using functions/tools provided by legitimate developers, as illegal activation ("cracking") tools and third-party updates can contain malware.
Furthermore, due to the abundance of competently-disguised fraudulent and malicious content on the Web – it is essential to be vigilant while browsing.
We must stress the importance of having a dependable anti-virus installed and kept updated. Security software must be used to perform regular system scans and to remove threats and issues. If you've already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.
Text presented in the "YouPorn" spam email letter:
Subject: Urgent: Uploaded content notification
Uploaded content: Feedback required
Our AI-powered tools have detected that you are featured in sexually explicit content that was uploaded to our platform.
At our company, we take the security and privacy of our users very seriously, and we use advanced technology to help detect and prevent the distribution of non-consensual intimate images and videos.
While our tools are powerful, we also rely on human oversight to ensure that our platform remains safe and secure for everyone.
If you have approved the upload of this content, you do not need to take any further action. The video will be published to our library within the next seven days, and you will have an opportunity to review the content after the grace period has passed.
However, if you did not approve the upload of this content, we kindly ask that you follow the instructions below to take immediate action.
Our platform boasts an extensive network of websites and partners, which means that ensuring the security of our content is a top priority.
To achieve this, all uploaded content is digitally fingerprinted using both the MediaWise® service from Vobile® and Safeguard, our own proprietary digital fingerprinting software.
This helps to prevent unauthorized distribution of content on our platform.
For our premium users who upload content, we offer monetary incentives. However, in some cases, uploaded content may be put on hold.
If this happens, we can initiate a quick automated removal process, but we would require an incentive refund to do so.
The basic express removal, blocking, and protection against re-uploading of content on our network of 20 websites costs $199 USD.
As a digital company, we take great pride in our integrity and measures, which is why we offer additional options for protecting against unauthorized content uploads 24/7.
We have all our processes automated, including payment processing, for your convenience.
Our Plan A includes everything in the basic removal option, plus digitally fingerprinting of the content and automated removal and protection against re-uploading to our vast network of partner websites (300+) for one year, all for $699 USD.
If you require the best protection available, we recommend our
Plan B, which includes everything in Plan A plus digital protection by MediaWise® and Safeguard based on facial recognition data for three years. This ensures that any content with your biometrics will be blocked, and it costs $1399 USD.
Our system takes care of your request automatically and swiftly, so there's no need to contact us.
The payment process is automated through a Bitcoin gateway, and the digital number you receive below is unique to your case and doesn't require any extra confirmation.
To transfer the amount corresponding to your chosen option, copy and paste this identifier into your preferred cryptocurrency wallet.
You can review the content uploaded after the seven-day grace period, either by checking our Youporn.com library or by contacting the member who uploaded the content.
We encourage users who feature in content and wish to prevent its upload to our platform to consider proactively digitally fingerprinting it.
Thank you for your attention to this matter.
Appearance of the "YouPorn" spam email (GIF):
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "YouPorn" sextortion email?
- Types of malicious emails.
- How to spot a malicious email?
- What to do if you fell for an email scam?
Types of malicious emails:
Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.
Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.
After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.
Emails with Malicious Attachments
Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.
In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.
If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.
While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.
This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.
To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.
How to spot a malicious email?
While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:
- Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
- Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
- Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
- Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.
To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows.
Example of a spam email:
What to do if you fell for an email scam?
- If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
- If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
- If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
- If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
- Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.
Frequently Asked Questions (FAQ)
Why did I receive this email?
Spam emails are not personal. Cyber criminals distribute them in massive operations with the hopes that at least some recipients will fall for their scams.
Was sensitive content featuring me uploaded online?
No, all the claims made by "YouPorn" scam emails are false. This means that no content featuring you has been uploaded to YouPorn or other similar websites. Hence, receiving this type of email poses no threat to you.
I have sent cryptocurrency to the address presented in this email, can I get my money back?
No, retrieving funds is practically impossible due to the virtually untraceable nature of cryptocurrency transactions.
I have provided my personal information when tricked by a spam email, what should I do?
If you have provided your log-in credentials – immediately change the passwords of all possibly exposed accounts and inform their official support. And if the disclosed information was of a different personal nature (e.g., ID card details, passport scans/photos, credit card numbers, etc.) – contact relevant authorities without delay.
I have read a spam email but didn't open the attachment, is my computer infected?
No, just reading an email will not trigger any system infection processes; malware download/installation is initiated when malicious attachments or links are opened.
I have downloaded and opened a file attached to a spam email, is my computer infected?
Whether an infection occurred depends on the file's purpose (i.e., phishing vs. malware infiltration), and it might be impacted by the format. Executables (.exe, .run. etc.) cause infections almost without fail the moment they are opened. While documents (.doc, .xls, .one, .pdf, etc.) may need extra actions to start downloading/installing malicious software (e.g., enabling macro commands, clicking embedded content, etc.).
Will Combo Cleaner remove malware infections present in email attachments?
Yes, Combo Cleaner is capable of detecting and eliminating practically all known malware infections. It must be emphasized that since high-end malicious programs typically hide deep within systems – performing a complete system scan is key for detection.