It now appears that there’s a brand new extortion phishing scam that’s out in the wild. like the last two that I told you about, this one plays on the fact that you might have surfed for porn and that you might of done something else related to that. In other words, it is playing on your guilt. Here’s the text of the latest scam email:
Hello!
I’m a member of an international hacker group.
As you could probably have guessed, your account [Email Redacted] was hacked, I sent message you from it.
Now I have access to you accounts! You still do not believe it?
So, this is your password: [Password Redacted] , right?
Within a period from July 5, 2018 to September 21, 2018, you were infected by the virus we’ve created, through an adult website you’ve visited.
So far, we have access to your messages, social media accounts, and messengers.
Moreover, we’ve gotten full damps of these data.
We are aware of your little and big secrets…yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know..
But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!
I think you are not interested show this video to your friends, relatives, and your intimate one…
Transfer $700 to our Bitcoin wallet: [Bitcoin Wallet Redacted]
I guarantee that after that, we’ll erase all your “data” 😀
A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount.
Your data will be erased once the money are transferred.
If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.
You should always think about your security. We hope this case will teach you to keep secrets.
Take care of yourself.
Now in this case, the so called hacker has the password of the user. That’s to add some perceived legitimacy to the email. But chances are they don’t know anything more than that. Thus the first thing that you should do if you get one of these emails is to change the password to any email or online service that is associated with that email. And if you’re wondering how they got your email and password, it was likely part of a data breach. You can find out which one by going to haveibeenpwned.com and typing in your email address. It will likely come back with the fact that you’ve been part of a data breach that includes your email address and password.
Now under no circumstances should you pay up. The main reasons are that not only does it make the scumbags behind this scam want to keep doing it, but because many BitCoin exchanges or ATMs do not require you to verify your identity. Thus there’s no way for the scammer to tie you to the money that they could get from you. Which means that they have no way to delete the data that they allegedly collected if you pay them. Which means that they’re lying about having data on you. Thus never pay these scumbags a single cent.
Next up is the purported use of the webcam to record the victim. It is possible to remotely take over a webcam in a laptop. If you’re the least bit paranoid about that, cover yours with tape. Or you can disable it entirely. Ditto for the microphone as well.
Finally, if you’re the least bit concerned about whether your system is compromised, consult a computer professional and have them check things over. It would also be a good idea to make sure your anti-virus is up to date and fully functioning as well.
The bottom line is this. These scumbags want you to be the 1% of people who fall for something like this because they make lots of money off that 1%. Don’t be a victim. Don’t respond. Don’t pay them. Just ignore them and make sure that whatever password that they have isn’t in use by any of your online accounts. They are scumbags and don’t deserve your attention or more importantly your money.