Bella Thorne scuppers cyber blackmailers by releasing own topless photos

Online extortionists have been scuppered again this week, after actress Bella Thorne released a set of topless photos of herself after a blackmailer stole and threatened to release them.

The story draws strong parallels to another IT security related story when a blackmailer managed to steal hours’ worth of unreleased music from UK band Radiohead and demanded payment, only for the band to ignore the demands and release the music themselves on the cheap.

Not a good week for Internet blackmailers then.

On Twitter this Saturday, Thorne released a series of topless photos of herself that the blackmailer had managed to obtain, along with a very personal note for the extortionist themselves.

Fuck u and the power u think you have over me. I’m gonna write about this in my next book

She also included a screenshot of a message where she also warned the intruder who stole her photos that the FBI would be at their house. Shortly.

We do hope that is the case, but at the time of writing there is no indication that the authorities know who was responsible. If they do find the culprit, they could potentially get a lengthy prison sentence.


Sponsored Content. Continued below...




Between 2016 and 2018, four men responsible for the infamous 2014 “celebgate” – where a number of celebrities saw nude photos of themselves leaked online – were handed custodial sentences for their part in the crimes.

But how did Thorne see her intimate photos in the hands of voyeurs in the first place? While it is important not to jump to conclusions in this specific case, there are usually two important security mishaps that are responsible for this type of intrusion. Falling for a phishing scam and not having your account protected by two-factor-authentication.

It’s a familiar story that we seem to prattle on about in every other post. But it really is important.

You get an email or message asking you to click a link to confirm your login info for a service you use. Perhaps it’s your Google or Apple cloud storage account (you know, where your smartphone photos are stored if you enable cloud-backups.) You click the link, land on a spoof login page without realising and you enter your details, and voila. Password compromised.


Sponsored Content. Continued below...




Meanwhile your account is sitting there, online, without 2FA enabled, meaning all someone needs is that password to access it. That password that you’ve just handed over to a crook.

Account compromised! D’oh.

It’s the modus operandi that was the method of choice for many of the 2014 intrusions, and that’s because its easy, effective and fast. And despite the scam being as old as time itself, people still fail to spot it.

Is that how Bella Thorne’s photos were stolen? We don’t know. But remember, be sceptical of links in unexpected emails or messages, and always check the web address of login pages. And enable 2FA so crooks need more than just your password to access your account!