Social engineering in social networks as a weapon of extortion against young people

A 22-year-old from Alabama pleaded guilty to a chain of crimes that has left dozens of victims in a vulnerable situation: extortion, cyber stalking and computer fraud for taking control of social media accounts, many of them from young women and minors. The case, which covers from April 2022 to May 2025, explains cruelly how social engineering - the ability to manipulate human confidence - can turn daily services such as Snapchat or Instagram into tools of threat and damage.

According to the Office of the Prosecutor, the accused obtained access to the profiles by posing as friends or acquaintances of his victims and by convincing these persons to deliver recovery codes or passwords. With these credentials in his possession, he took control of the accounts and began to demand obedience: to ask for money, to demand other passwords or to force the victims to send explicit sexual material. When the victim refused, the answer was intimidation: the threat of spreading intimate images or the definitive blocking of access to their own profiles.

This type of aggression is not just an attack on data: it is direct violence against the privacy and dignity of the people concerned. In several episodes described by the prosecutors you see how the behavior escalated. In one case, the attacker impersonated a friend of the victim to ask for a Snapchat recovery code; after accessing the account, he claimed to have dozens of videos and intimate images ready to publish them. In another, when an 18-year-old girl refused to please her demands, the attacker fulfilled her threat and released private photos. And in a particularly disturbing sample of the extent of the damage, a committed account was used to send a 13-year-old girl a picture of the Snapchat map, with the intention of implying that she knew where the family lived.

The authorities have stressed the seriousness of the pattern of events and have recalled that the exploitation of young people and minors in digital environments is severely punished. In the words of the federal prosecutor in charge of the case, this shows that online predators can take advantage of the confidence of adolescents and young adults to remove intimate material and subject victims to extortion, a warning that people will take precautions when they relate online. The official announcement of the prosecution and the guilty statement are available in the Department of Justice's communiqué: DOJ - communication on the case.

Beyond the individual impact, these incidents put systemic failures on the table: the ease with which attackers convince people to deliver codes, the difficulty that platforms find to stop a localized abuse and the prolonged anguish that victims suffer by seeing their intimacy exposed. They also rekindle the debate on the responsibility of social networks to detect suplanting patterns and provide safer and more emphatic recovery routes for those who have been attacked.

If there is anything that brings this dossier to the public debate, it is a clear lesson on prevention. There is no absolute guarantee, but there are specific measures that reduce the risk. Among the most effective are to activate authentication in two steps with applications or physical keys instead of SMS, not to share or enter recovery codes when someone requests them by message, to verify the identity of those who ask for sensitive information through a call or contact outside the network and to regularly review the login and authorized devices on each account.

If an account has already been compromised, it is important to keep evidence (screenshots, messages), report it to the platform and to the authorities, and request specialized help if there is sexual material of minors involved. Official organizations and resources that can guide in these cases include the FBI line on online sextorsion and scams ( FBI - Sextortion), the complaints centre for cases involving minors ( NCMEC - CyberTipline) and the guides of the Federal Trade Commission to protect personal accounts ( FTC - How not to be a victim of hackers). The support centres for each digital service, for example Snapchat ( Snapchat Help) and Instagram ( Instagram Support Center), where they often publish steps to recover accounts and report abuses.

The news of this trial does not come in isolation. In recent weeks, other processes have also been known against people who used similar techniques to account for and deal with intimate images. That pattern suggests that, as long as there are incentives and technical pathways to exploit online trust, there will be those who try to take advantage of them. That is why, in addition to individual prevention, a coordinated response is required: better safety tools on the part of platforms, faster and more human recovery processes, and judicial action capable of deterring and punishing perpetrators.

The accused in this case awaits his conviction in May, when the federal court will decide the sentence after the conviction. For victims and their families, the effects do not end with a sentence: emotional recovery and privacy repair can last much longer. In view of this, the combination of legal sanctions, digital education and technical improvements in services is the most realistic way to reduce the likelihood of such situations being repeated.

If you are a father, mother or guardian, or if you are young, active in networks, do not assume that "it only happens to others." Talking about privacy, teaching to mistrust unexpected requests and putting effective technical barriers are steps that really make a difference. And if someone has an intrusion, the immediate recommendation is to document, report and seek professional and legal support. Technology connects us, but it also requires caution and appropriate tools to protect us.