Ashley Madison blackmailers now sending threats via US postal system

Ashley madison 170It may be months since the Ashley Madison adultery website was hacked, but the story continues to run and run and has now taken a further unpleasant turn.

Since the Ashley Madison hack happened, I have received a steady stream of emails from the site's users worried that their membership of the site might be revealed to their friends and family.

And, as we know, internet low-lives have been exploiting members' fears by spamming out blackmail emails.

But, it appears, that blackmailers are also prepared to take things a step further - and write letters to the homes of hacked users.

Here is an email I received from a reader today:

Email from Ashley Madison blackmail victim

I just received a physical postal letter to my house asking for $4167 USD or exposed my AM account to people close to me. is your advice the same as in your vid about email blackmail? Thank you.

Crikey. That's nasty.

I can understand how it would be distressing for Ashley Madison members to receive a letter like that through the post, but I'm strongly of the opinion that - in the majority of cases - blackmailers are trying their luck, hoping that a small percentage of those targeted will pay up.

Some people possibly will be prepared to reach into their pockets in fear that their loved ones might find out that they joined the controversial site, and those will be the people that the blackmailers will focus on. But I can't see what the blackmailers have to gain from going through with their threats.

Because, if they tell people close to you then they are ruining any chances that you will ever pay up. Think of it from their point of view. It's a dumb business model.

Ashley MadisonIn fact, the only scenario I can imagine that might make sense for the blackmailer to go through with their threats is if they are specifically targeting you and aren't being primarily incentivised by the money, but a personal issue with you instead. In which case paying the money may not help anyway.

I understand that it must be very unsettling and worrying, but paying the blackmailers any money is only likely to make them focus on you more. Ignoring them is probably a better plan in my humble opinion.

Of course, as the blackmailers have physically sent you something - as opposed to email - that does mean you may have in your hands some useful physical evidence for the police to investigate the perpetrators.

If you have received such a menacing letter through the post, my advice would be to share the letter with the authorities (and obviously request their discretion).

If the police are to successfully build a case against someone they will be looking for evidence like this.

Here's the video I made earlier this year about how you should respond to Ashley Madison blackmail emails - the advice is the same for those who receive the blackmail demands via the post. Don't pay.

Stay safe folks, and don't allow yourself to be blackmailed.

How would you feel if you received an Ashley Madison blackmail letter?

Further reading:

Tags: , ,

Smashing Security audio podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, ,

10 Responses

  1. Gregg

    December 14, 2015 at 3:37 pm #

    Smart move by the hacker(s), now the USPS Postal Inspectors are on the case. They just took a hack that was mostly ignored by law enforcement and escalated it to something that has its own LE body to investigate it.

    Maybe the hacker should have focused on getting a job.

  2. ljlkjlkj

    December 14, 2015 at 5:45 pm #

    I continue to be stunned that so many people thought the site was legit (meaning not almost exclusively fake profiles of woman) to begin with.

    With the email stuff, they weren't simply targeting site users, either. I have a throwaway spam email that I use a lot of different places, but Ashley Madison certainly wasn't one of them. I've gotten repeated blackmail attempts on that account saying they know my Facebook account (I've never been on Facebook in my life) and will expose me. Yeah, OK. Have fun with that.

    Agreed, these guys should ignore them.

  3. coyote

    December 14, 2015 at 10:39 pm #

    Yes, if a single person gives in then it is worth it to them. This is the same as with spammers; they're worthless scum, of course, but that won't stop them. They will do everything in their power to continue this type of thing because that is how they function. It is a lazy alternative to legit work and it is a stupid method too because once caught you're in a lot of trouble (and they clearly aren't wanting to be in jail for some shelter immediately since obviously they're wanting to evade arrest).

    Indeed it is stupid to give physical evidence to these people, though, and it could be their undoing (whether they hired someone to do it or not is sort of irrelevant because they'll be found out and in the end they surely know what they are sending). Time will tell.

  4. bob dobbs

    December 14, 2015 at 10:58 pm #

    When you say internet lowlife im assuming you mean the Ashley Madison customers

  5. Sam Cross

    December 15, 2015 at 1:43 am #

    I am from the old way of thinking about marriage with the vow that one will be sexually faithful only to their wedded spouse. So when someone uses this website they are either up to no good or using it as a vehicle to find other lovers if they have an open marriage. In the first case they better be afraid because they are breaking their vows, but in the latter case who cares? There really are very good reasons to be faithful; social diseases, especially the ones that give and give, like Herpes Simplex 2, not to mention AIDS. If your partner doesn't have them before marriage and is faithful, the chances are good they won't get them. Playing around on your spouse is fraught with bad outcomes. If your new spouse cheated on you with their old spouse who is to say they won't do it on you as well?

  6. Ashley

    December 15, 2015 at 6:01 am #

    Tangled webs and all.

  7. Sigh

    December 15, 2015 at 10:26 am #

    "in my humble opinion" indeed, Graham Clueless. It's AMAZING that after all these years, you've learned absolutely nothing. No one does or ever did consider you to be in computer security, just an ambulance chaser giving cookie cutter advice to grandmothers for profit.

  8. Ricky Campos

    December 18, 2015 at 6:47 pm #

    I was not in the Ashley Madison database. Have never been on the site. However, I received a letter in late November that matches this description. I tossed it.

  9. Simon

    December 21, 2015 at 5:02 am #

    Funny…I am shocked this is still a thing. As a married guy that never visited the site, I am still not sure why this is such a big deal? No one is losing there minds over people on Xtube, pornhub or the other sites? While I didnt use AM, I have visited those sites and I had plenty of offers to meet off line. Heck, FB gets me more attention from friends & strangers alike. While I imagine some used the site for real meetings…some surely used it for the fantasy. Why are uninvolved parties taking such joy in this? Why are people reveling in the discomfort of the users?
    I think of that hack on the HIV + dating site and the Vtec hack…why arent people f***ing with those users with the same veracity? After all anyone with HIV that wants to date is clearly a deviant and any kid that would want a talking toy is a pig (hopefully you read this as sarcasim) .
    Bottom line is people, scummy as they are, had their privacy violated and criminals are now trying to harm them and their families. I would hope people could take off their moral police lenses for second to see that the extortion is way worse than anything any AM visitor could have done.

  10. sue

    January 28, 2016 at 5:06 am #

    Well I got the letter, complete with the story of how the man who didn't pay up and the harrassment he and his family received as punishment. Here's the thing – I was in the AM hack even though I am a woman (single). Why? Because I created a profile to see if my guy, also single (ex, now) was on there. He replied on AM to "me" within an hour. Broke my heart. And now I have to deal with the added humiliation of being blackmailed. It really sucks. But because I have nothing to hide (I am single, no infidelity) if the blackmailer starts contacting my friends and family (many know abou my humuliating discovery of my ex on there), I am going to seriously cause a ruckus to expose the blackmailer. I have had enough humilation and am going to be really motivated to fight back. I have good resources. PS, don't the blackmailers know there were lots of women on there just to check on their SOs. Especially those like me listed as single. If I had wanted no strings sex, I wouldn't need AM or any kind of secret site. It's not like my ad said I liked married guys or was looking for a sugar daddy.

Leave a Reply