[ad_1]
According to a new study from Network Contagion, a form of cybercrime called “financial sextortion” is on the rise in North America and Australia, a large part of which is driven by an unorganized cybercriminal group in West Africa, which itself are called the “Yahoo Boys”. Research Institute (NCRI).
According to the FBI, sextortion is “a crime in which adults force children and teens to send obscene images online.” Criminals threaten their victims with widespread distribution of explicit images, including victims’ friends and family, unless the victims pay them repeatedly through a variety of peer-to-peer payment apps, cryptocurrency transfers, and gift cards Are.
NCRI, a non-profit, found that cybercriminals used social apps Instagram, Snapchat and Viz to find and connect with their targets.
According to a 2023 Atavist investigation, the Yahoo Boys’ strategy gained popularity among some as a way to get rich quickly in West Africa, where there are few other means of earning income. Popular songs referencing the Yahoo Boys have provided cultural influence to cybercriminal gangs.
Despite the increasing amount of sextortion online over the past several years, NCRI researchers say the platforms used by the Yahoo Boys and other threat actors have been slow to moderate their content or make changes that would help stop the spread of sextortion. can do.
NCRI senior intelligence analyst Paul Raphael, who co-led the study, said sextortion is a “transnational criminal threat that is causing a really large number of American deaths.” According to NCRI Intelligence Director Alex Goldenberg, this form of crime – which mostly affects boys and young men – can be so devastating that it may drive some victims to suicide.
In August 2023, NBC News reported that two Nigerian men were extradited to the US to face charges in a sextortion scheme that authorities say led to the suicide of a 17-year-old Michigan high school student. The men pleaded innocent and were denied bail in September.
And in November, according to court filings obtained by CNBC and NBC News, a grand jury indicted a Nigerian man in response to U.S. Secret Service allegations that he engaged in Yahoo Boys tactics that included sextortion and a $2.5 million wire fraud. Fraud was involved.
In this case, the indictment says, the accused Nigerian man and unidentified co-conspirators used fake accounts on Facebook and Snapchat to pose as attractive young women, connect with young male users and access their lists of friends and followers. To achieve and then woo them. To send explicit photos to the victims.
The accused parties allegedly promised their marks, whom the Yahoo Boys often refer to as “clients”, that if they sent money through apps like Venmo, CashApp and Zelle, they would delete the photos or At least avoid distributing cryptocurrency transfers via Bitcoin. A Binance account, or gift card.
However, as soon as they paid, victims would face new threats and pressure to continue paying, the filing said.
The NCRI study found that the Yahoo Boys promote their tactics and recruit new gang members by publishing training videos and guides for running a financial sextortion scam on platforms including TikTok, Scribd, and YouTube.
NCRI researchers said they found dozens of videos on TikTok and YouTube depicting self-described Yahoo Boys engaging in sextortion using easily searchable phrases like “blackmail format” or hashtags like #YahooBoys. They also found scripts on Scribd that taught others how to extort their victims using similar search terms. According to NCRI analysis, the content has been viewed more than five lakh times across various sites.
NBC News and CNBC reviewed some of this content that still exists on all three platforms. A video posted on YouTube instructed viewers how to “catch the customer”, keep them engaged by behaving “like a real girl”, and how to convince them to send increasingly candid photos. The video described a method of threatening a victim and forcing them to send payment, at which point the narrator acknowledged that this activity would be “high risk”.
A document posted on Scribd included a script with attractive and explicit enticements, leading to threats. The document states, for example, “Are you ready to obey me? I will make you more miserable than you can imagine… I will send your nudity to many people online… What You want it to happen – yes or no. If you don’t want it to happen, you have to pay me.” And later, “How long did you get there[?] If you’re thinking about $200, forget it, I’m posting your naked and will make you die in pain.”
After NBC News asked TikTok about several of the Yahoo Boys’ videos, the company removed them. A spokesperson said in an email that they violated the platform’s guidelines against scams.
Scribd did not respond to a request for comment.
NBC News alerted the company to an instructional video from Yahoo Boys on YouTube, but it had neither removed the video nor provided a statement by the time this story was published.
NCRI researchers also found detailed scripts that had been available for years, which are still easily accessible on sites like Meta’s Instagram and Snapchat.
TikTok, YouTube, Scribd, and Meta restrict content that promotes criminal activity.
A spokesperson for Meta said in an email that the company has strict rules against sharing intimate photos and that it already implements versions of many of the NCRI’s recommendations, including “offering a dedicated reporting option so that People can report the dangers of sharing private images.”
A Snapchat spokesperson said in an email, “We know sextortion is a huge risk that teens face on a variety of platforms and we’re enhancing our tools to address it. There are additional safety measures in place for teenagers, and don’t do this.” It offers public friends lists, which we know can be used to extort people. We also want to help young people learn the signs of this type of crime, and recently launched in-app education to raise awareness of how to recognize and report it. ,
While the Yahoo Boys and other threat actors have been operating on mainstream social media platforms for years, the parent companies of those platforms have been slow to largely stop the activity.
Alex Goldenberg, NCRI’s director of intelligence, said in-app education is a great start, but tech companies can do more to prevent online sextortion.
He said platforms like TikTok, YouTube and Scribd should actively seek out and remove sextortion guides, materials and scripts that they are hosting. And social media platforms should include a separate category for reporting sextortion – as Snapchat did in early 2023.
Goldenberg emphasized that social apps should make it more difficult to access information about a specific user’s network. For example, on public accounts on Instagram, followers and following lists are visible to everyone, which enables cybercriminals to infiltrate victims’ personal networks and exert influence over them by threatening to send photos to people they know.
Even with a private account on Instagram, as soon as a user accepts a scammer’s follow request, that scammer can see all of their friends and followers and try to connect with them. Design changes to make or maintain users’ followers and following lists private would remove an important source of leverage for criminals.
A spokesperson for Meta said that for users under 16, Meta makes their accounts private by default so that viewing their network is only possible if they accept your follow request.
On Snapchat, users should be made aware that photos can be saved and screenshotted, Goldenberg said. The NCRI study recommends that parents and teachers should “fight the perception that photos sent on Snapchat disappear, which may create a false sense of security.”
A former Snapchat employee, who spoke on the condition of anonymity (but whose identity is known to CNBC and NBC News), confirmed some of the findings of the NCRI study as they related to the company. The former employee said growing financial sextortion had been discussed at the company since early 2021 and intensified in the years that followed. Former employees agreed that Snapchat and other social media companies did not act strongly or quickly enough to protect young users.
The NCRI study also strongly criticized Viz, concluding: “Sextortion on Viz is widespread and dangerous. The app’s design, which appears to be similar to a Tinder-like interface for minors, made it suitable for the large-scale dissemination of sextortion.” The environment has been promoted.”
In July, child protection groups told NBC News that they were receiving an alarming number of reports about alleged sextortion of youth on The Viz.
In response, Viz said it attempts to prevent such behavior through an automated moderation system, which it says does not allow the broadcast of nude images. According to child safety groups, complaints made about Viz often involve initial connections being made on the app before moving the alleged victim to another app, such as Snapchat.
The NCRI study suggested that Apple’s App Store and Google Play could also help, by carefully monitoring sextortion complaints involving social media apps and enforcing their existing policies.
The NCRI study comes amid intense scrutiny of how social media is affecting youth.
New Mexico Attorney General Raul Torrez sued Meta and CEO Mark Zuckerberg, accusing the company of enabling human trafficking and the distribution of child sexual abuse material, and alleging in a formal complaint that Facebook and Instagram target children. They are “breeding grounds” for predators.
As NBC News previously reported, Meta responded to that lawsuit, saying it has been proactive in finding and removing accounts and content that violate its child safety policies.
The CEOs of Meta, Answer the questions.
, NBC News’ Kevin Collier and Ben Goggin contributed to this report.
In the US, people who have experienced sextortion (or their parents or guardians) can report it through the FBI’s Cybercrime Portal. IC3.gov Online, or local FBI field office. Incidents of sextortion involving a minor should also be reported to the National Center for Missing and Exploited Children or NCMEC CyberTipline. report.cybertip.org or by phone at 800-843-5678.