Skip to main content

Latest Online Schemes Use Doxxing, Sextortion Tactics

Avoid these scams that are targeting members of our Stanford community

While many of us have become familiar with traditional phishing scams—where attackers impersonate legitimate persons or organizations to gain information, money, or control—emerging types are becoming more intense and sophisticated. 

Here, we’ll share two particularly concerning trends in online scams that our Stanford community should be on guard against.

1 - Extortion/Sextortion Scam, Sometimes With Your Address or Personal Details

What is the scam? 

  • It begins with an email sent to the victim with threats of revealing evidence of embarrassing online activity, such as visiting pornographic websites. 
  • The attacker might claim to have screenshots or webcam video of the activity, along with contact information of friends, family, and colleagues.*
  • The attacker demands payment in exchange for not revealing the embarrassing activity. 

*Despite the scammer’s claims, instances of this particular scam have proven to be empty threats, and the sender does not have the purported embarrassing information. 

What makes it especially problematic?  

  • Scammers have begun including information about the victim that has been obtained through external data breaches (also known as doxxing), leading the victim to believe they are truly being threatened.
  • Lately, scammers are even using the person’s home address or a photo of the victim’s home, which could have been scraped from real websites. 
  • Other times, a scammer might use a password or other details that have been exposed in a data breach, leading the victim to believe that their Stanford account has been compromised. 

2 - Job Offer Scam

What is the scam? 

  • It begins with an email that appears to be from (or will reference) a Stanford faculty member, describing a part-time job opportunity. 
  • The job will have attractive compensation and often can be done remotely.
  • Attackers attempt to move the discussion with the target to a non-Stanford platform (text messaging, non-Stanford email, or a phone call). 
  • The target is asked to fill out some basic information and complete one or more job tasks. Next, the attackers send the target a digital image of a check with instructions to deposit it in their account to cover the initial salary and the purchase of startup items. 
  • Attackers later ask for a sizable portion of the startup money to be transferred back via Zelle, PayPal, Venmo, or similar, allegedly to cover costs for one or more of the position's starting costs. The target then transfers money to the attackers via Zelle, PayPal, Venmo, etc., only to find out later that the startup check is fraudulent and has bounced.  

What makes it especially problematic? 

  • When attackers move the discussion with the target to a non-Stanford platform (text messaging, non-Stanford email, or a phone call), the interactions leave the relative safety of Stanford’s secure systems and verifications. 
  • If challenged or questioned, scammers sometimes offer "proof" of the faculty member's identity, such as images of a forged Stanford ID card, making this scam seem more believable. 
  • Finally, because of the specific nature of these back-and-forth transaction types, banks often cannot recover the lost funds.

Familiarize yourself with screenshots and explanations of even more phishing attempts jeopardizing Stanford community members.

What to do if you suspect a phishing attempt

If you receive an unusual email, even if it appears to be from a trusted source, do not respond. Take the time to verify its authenticity. Always check the sender’s email address closely and be cautious about clicking links or downloading attachments. 

And remember, you can independently verify a Stanford sender’s identity. Look up their name in StanfordWho and communicate via a published email or phone number.

If the sender’s contact information or other details of the request point to a possible phishing attempt, report the message. Reporting allows Stanford University’s Information Security Office (ISO) to evaluate the threat and minimize harm to the Stanford community.

Learn more about how to recognize and report phishing with the Stay Safe From Phishing Guide.

 What to do if you might have been compromised

  • If you’re a victim of financial fraud from one of these scams: Immediately report the fraud to your financial institution and the online payment service you used for the financial transaction.
  • If you believe you have fallen victim to cyber crime: Report to the Internet Crime Complaint Center (IC3) of the FBI
  • If you are concerned your Stanford computer or phone has been compromised: Contact your IT support or open a ticket with the University IT (UIT) Service Desk to have it examined.
  • If you believe you are being threatened or harassed: Report to Stanford University Department of Public Safety (SUDPS) or local police if not on campus, by calling 9-1-1. 

Learn more

Learn how to recognize, report, and stay vigilant with the Stay Safe From Phishing Scams Guide. You can also:

Share Feedback

DISCLAIMER: UIT News is accurate on the publication date. We do not update information in past news items. We do make every effort to keep our service information pages up-to-date. Please search our service pages at uit.stanford.edu/search.