Ashley Madison blackmailers now sending threats via US postal system

Graham Cluley
Graham Cluley
@[email protected]

Ashley madison 170It may be months since the Ashley Madison adultery website was hacked, but the story continues to run and run and has now taken a further unpleasant turn.

Since the Ashley Madison hack happened, I have received a steady stream of emails from the site’s users worried that their membership of the site might be revealed to their friends and family.

And, as we know, internet low-lives have been exploiting members’ fears by spamming out blackmail emails.

But, it appears, that blackmailers are also prepared to take things a step further – and write letters to the homes of hacked users.

Sign up to our free newsletter.
Security news, advice, and tips.

Here is an email I received from a reader today:

Email from Ashley Madison blackmail victim

I just received a physical postal letter to my house asking for $4167 USD or exposed my AM account to people close to me. is your advice the same as in your vid about email blackmail? Thank you.

Crikey. That’s nasty.

I can understand how it would be distressing for Ashley Madison members to receive a letter like that through the post, but I’m strongly of the opinion that – in the majority of cases – blackmailers are trying their luck, hoping that a small percentage of those targeted will pay up.

Some people possibly will be prepared to reach into their pockets in fear that their loved ones might find out that they joined the controversial site, and those will be the people that the blackmailers will focus on. But I can’t see what the blackmailers have to gain from going through with their threats.

Because, if they tell people close to you then they are ruining any chances that you will ever pay up. Think of it from their point of view. It’s a dumb business model.

Ashley MadisonIn fact, the only scenario I can imagine that might make sense for the blackmailer to go through with their threats is if they are specifically targeting you and aren’t being primarily incentivised by the money, but a personal issue with you instead. In which case paying the money may not help anyway.

I understand that it must be very unsettling and worrying, but paying the blackmailers any money is only likely to make them focus on you more. Ignoring them is probably a better plan in my humble opinion.

Of course, as the blackmailers have physically sent you something – as opposed to email – that does mean you may have in your hands some useful physical evidence for the police to investigate the perpetrators.

If you have received such a menacing letter through the post, my advice would be to share the letter with the authorities (and obviously request their discretion).

If the police are to successfully build a case against someone they will be looking for evidence like this.

Here’s the video I made earlier this year about how you should respond to Ashley Madison blackmail emails – the advice is the same for those who receive the blackmail demands via the post. Don’t pay.

Blackmail and Ashley Madison | Graham Cluley

Stay safe folks, and don’t allow yourself to be blackmailed.

Ashley madison poll

Further reading:

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

10 comments on “Ashley Madison blackmailers now sending threats via US postal system”

  1. Gregg

    Smart move by the hacker(s), now the USPS Postal Inspectors are on the case. They just took a hack that was mostly ignored by law enforcement and escalated it to something that has its own LE body to investigate it.

    Maybe the hacker should have focused on getting a job.

  2. ljlkjlkj

    I continue to be stunned that so many people thought the site was legit (meaning not almost exclusively fake profiles of woman) to begin with.

    With the email stuff, they weren't simply targeting site users, either. I have a throwaway spam email that I use a lot of different places, but Ashley Madison certainly wasn't one of them. I've gotten repeated blackmail attempts on that account saying they know my Facebook account (I've never been on Facebook in my life) and will expose me. Yeah, OK. Have fun with that.

    Agreed, these guys should ignore them.

  3. coyote

    Yes, if a single person gives in then it is worth it to them. This is the same as with spammers; they're worthless scum, of course, but that won't stop them. They will do everything in their power to continue this type of thing because that is how they function. It is a lazy alternative to legit work and it is a stupid method too because once caught you're in a lot of trouble (and they clearly aren't wanting to be in jail for some shelter immediately since obviously they're wanting to evade arrest).

    Indeed it is stupid to give physical evidence to these people, though, and it could be their undoing (whether they hired someone to do it or not is sort of irrelevant because they'll be found out and in the end they surely know what they are sending). Time will tell.

  4. bob dobbs

    When you say internet lowlife im assuming you mean the Ashley Madison customers

  5. Sam Cross

    I am from the old way of thinking about marriage with the vow that one will be sexually faithful only to their wedded spouse. So when someone uses this website they are either up to no good or using it as a vehicle to find other lovers if they have an open marriage. In the first case they better be afraid because they are breaking their vows, but in the latter case who cares? There really are very good reasons to be faithful; social diseases, especially the ones that give and give, like Herpes Simplex 2, not to mention AIDS. If your partner doesn't have them before marriage and is faithful, the chances are good they won't get them. Playing around on your spouse is fraught with bad outcomes. If your new spouse cheated on you with their old spouse who is to say they won't do it on you as well?

  6. Ashley

    Tangled webs and all.

  7. Sigh

    "in my humble opinion" indeed, Graham Clueless. It's AMAZING that after all these years, you've learned absolutely nothing. No one does or ever did consider you to be in computer security, just an ambulance chaser giving cookie cutter advice to grandmothers for profit.

  8. Ricky Campos

    I was not in the Ashley Madison database. Have never been on the site. However, I received a letter in late November that matches this description. I tossed it.

  9. Simon

    Funny…I am shocked this is still a thing. As a married guy that never visited the site, I am still not sure why this is such a big deal? No one is losing there minds over people on Xtube, pornhub or the other sites? While I didnt use AM, I have visited those sites and I had plenty of offers to meet off line. Heck, FB gets me more attention from friends & strangers alike. While I imagine some used the site for real meetings…some surely used it for the fantasy. Why are uninvolved parties taking such joy in this? Why are people reveling in the discomfort of the users?
    I think of that hack on the HIV + dating site and the Vtec hack…why arent people f***ing with those users with the same veracity? After all anyone with HIV that wants to date is clearly a deviant and any kid that would want a talking toy is a pig (hopefully you read this as sarcasim) .
    Bottom line is people, scummy as they are, had their privacy violated and criminals are now trying to harm them and their families. I would hope people could take off their moral police lenses for second to see that the extortion is way worse than anything any AM visitor could have done.

  10. sue

    Well I got the letter, complete with the story of how the man who didn't pay up and the harrassment he and his family received as punishment. Here's the thing – I was in the AM hack even though I am a woman (single). Why? Because I created a profile to see if my guy, also single (ex, now) was on there. He replied on AM to "me" within an hour. Broke my heart. And now I have to deal with the added humiliation of being blackmailed. It really sucks. But because I have nothing to hide (I am single, no infidelity) if the blackmailer starts contacting my friends and family (many know abou my humuliating discovery of my ex on there), I am going to seriously cause a ruckus to expose the blackmailer. I have had enough humilation and am going to be really motivated to fight back. I have good resources. PS, don't the blackmailers know there were lots of women on there just to check on their SOs. Especially those like me listed as single. If I had wanted no strings sex, I wouldn't need AM or any kind of secret site. It's not like my ad said I liked married guys or was looking for a sugar daddy.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.