Password Phishing Blackmail Sextortion Scam

Lpixxelpusher on 21/07/2018 - 16:03

Just received an email from someone claiming they have a password of mine and have hacked my computer using it and want $2000 else they will release footage they have shot of me to all my contacts. Had me freaked at first but now I think it must be fake. Has anyone else received this? Real or Fake? The password is one I actually used but is pretty old and I don't think I use it anymore, but I'll have to check.

Here's a copy of the email, it's from Rosamund Gow <[email protected]>, the subject line had my name and password in it:

—————————- Email Extract ——————————-

I am well aware ******* one of your pass. Lets get right to the purpose. You do not know me and you are most likely thinking why you're getting this e-mail? Absolutely no one has compensated me to check you.

Well, I actually setup a malware on the X vids (porn) site and do you know what, you visited this site to have fun (you know what I mean). When you were viewing videos, your web browser started operating as a Remote control Desktop that has a keylogger which gave me access to your display and web camera. Right after that, my software program obtained every one of your contacts from your Messenger, Facebook, as well as e-mail . After that I created a double video. 1st part displays the video you were viewing (you've got a good taste lol …), and second part shows the recording of your web camera, and it is u.

You got two different choices. Lets read up on these options in aspects:

First solution is to dismiss this email message. As a result, I am going to send out your video clip to each one of your personal contacts and think about the embarrassment you will definitely get. Not to forget if you are in a relationship, just how it is going to affect?

In the second place choice is to pay me $2000. We will name it as a donation. As a result, I most certainly will straight away erase your videotape. You could keep going everyday life like this never occurred and you will never hear back again from me.

You'll make the payment through Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google).

BTC Address to send to: 1nLsH8pNKEkQE3GTnvKffpCT5JTEQPvpG
[case SENSITIVE copy and paste it]

Should you are planning on going to the law enforcement officials, anyway, this e mail can not be traced back to me. I have dealt with my steps. I am not attempting to charge you so much, I prefer to be paid for. I've a unique pixel in this e-mail, and now I know that you have read this e-mail. You have one day to make the payment. If I don't get the BitCoins, I will send out your video recording to all of your contacts including family members, co-workers, and so on. Nonetheless, if I do get paid, I'll destroy the video right away. If you want to have proof, reply with Yup! and I definitely will send out your video to your 15 contacts. It is a non-negotiable offer that being said don't waste my personal time and yours by replying to this email message.

Internet Blackmail Email Extortion Password Phishing Scam Sextortion

Comments

  • Diji1 on 21/07/2018 - 16:11
    +4

    It's a well known scam that's doing the rounds, they do not have footage of you to share with anyone and nor do they have your passwords or your contacts.

    • Zedsdeadbabyzedsdead on 21/07/2018 - 17:42
      +4

      Please don't give them $2000! Just give me $1000 and I'll sort them out, after all it's a bargain website.

  • zooter on 21/07/2018 - 16:15
    +4

    ignore it..clearly a scam. Also take a moment to consider the alternative. if you do pay, what's the guarantee they won't still send it or demand more?

  • [Deactivated] on 21/07/2018 - 16:36
    -1

    They had to explain their power over you.

    Power does not need explanation.

  • mbck on 21/07/2018 - 16:43
    +3

    Ah so at least we know op goes to this

    wink wink nudge nudge

    • pixxelpusher on 21/07/2018 - 17:03

      Haha, it's a generic email from all reports

      • mbck on 22/07/2018 - 13:18
        +3

        I mean you were freaked out at first so….

    • Zedsdeadbabyzedsdead on 21/07/2018 - 17:41

      That's what I was thinking, mother fist and her five daughters.

  • maingoee on 21/07/2018 - 16:54

    " I've a unique pixel in this e-mail, and now I know that you have read this e-mail"

    Lol, if that isn't a giveaway that its a scam then I understand how these scams get people.

    Dont store anything you don't want your family to see anywhere that isn't password encrypted. Seriously google it its easy.

    • pixxelpusher on 21/07/2018 - 17:02

      Yeah I was looking through the raw source of the email and there's nothing there that looks like a hidden image (jpg, gif, png) it's just all plain text.

      Seems like this one has only appeared in the last few weeks, otherwise I probably would have heard about it.

      • Inzo on 22/07/2018 - 16:05
        +1

        That's actually a thing though, it's one of the more advanced form of message tracking.

        Send a html email, embed an image into it (invisible white box, or a picture of a full stop).

        When the mail client on the other end opens it, it (most of the time) goes to the web to download the picture it's supposed to be displaying (generally used for logos or banners)

        The webserver hosting the image then knows what file you tried to connect to and download (unique for each person you send it to), and also knows the date and time you tried to download it, as well as the IP address your PC was connected to at the time.

        That said, the whole email is still a scam, but that particular technique they talk about does exist, and in fact is documented in this company's FAQ on their service that is used for this purpose:

        https://www.getnotify.com/faq/#How_does_GetNotify_Email_trac…

        How does GetNotify Email tracking work?
        GetNotify works by adding a small invisible tracking image in your outgoing Emails. When your Email recipient opens your Email, this image gets downloaded from GetNotify server. So GetNotify will know exactly when your sent Email was opened and it notifies you through an Email that your sent Email is read by the recipient.

        • Zachary on 25/07/2018 - 17:53

          …so all we need to do to make our own email tracking system is to host a server that hosts these random images and then check our connection logs….? Or is there a readily free service that already provides this for us to use with no strings attached? :P

          AT least we would know who actually views our emails and who doesn't even bother opening it…..

        • Zachary on 28/07/2018 - 13:34

          @Zachary: …but then what if the email gets sent into the spam folder where html is not active/enabled? well gg for them…..or us if we're using it to track who actually reads our emails or not….

  • pixxelpusher on 21/07/2018 - 17:04
    +4

    Came across this site which seems to be good for checking emails and passwords: https://haveibeenpwned.com

  • EightImmortals on 21/07/2018 - 17:19
    +2

    Yeah scam, but some questions to consider, do you actually have a webcam attached to your PC? have you run a scan with Malwarebytes or similar to find the keylogger if any? Have you actually been fapping to porn sites?

    Or just delete it and get a good nights sleep. :)

  • qwerty on 21/07/2018 - 17:45
    +1

    I would run malware bytes and do a full antivirus scan

    But unless they post the names of the videos and times i would not panic .

    https://www.theregister.co.uk/2018/07/13/hacker_extortion_sc…

    • pixxelpusher on 21/07/2018 - 19:45

      Malwarebytes shows there's nothing on my computer, but I didn't expect anything to be on there anyway as they even say in the message that it was all running through the web browser based on software running on the website itself.

      I don't even know if this is technically possible, but I guess with an experienced coder anything is possible. You could write a full-fledged remote desktop app through javascript/html5 and run it through hacked websites. I've been to sites where you can control a streaming webcam, and even access your computer desktop (think online VNC sites like novnc.com).

      So the premise didn't sound that far fetched.

  • try2bhelpful on 21/07/2018 - 18:00
    +1

    You feel like needing a wash after you read this, don't you? Ignore this scumbag. I would recommend sending it to the scam alert sites but they probably have a bucket of these. They may have broken into whatever website you used that password with and that is how they got your email address and old password - or they got it off someone who did that.

  • AdosHouse on 21/07/2018 - 19:25
    +5

    My solution to this is simple, I don't have many friends, and the ones I do know how (profanity) up I am.

  • kahn on 21/07/2018 - 19:37
    +3

    You had me at sextortion.

  • chumlee on 21/07/2018 - 19:57
    +1

    Just tell your friends it's not what they think and you were just feeding the chickens

    • buckster on 22/07/2018 - 08:16
      +2

      "spreading seed for the chickens"

  • Melb69 on 22/07/2018 - 07:45

    For a start I don't use Messenger. That app provided by Facebook is not good. I think it is susceptible to potential hacking.

    Just ignore it. I you give them the money you'll likely get more extortion requests. That's how these scammers work. Just sad really. There are all these guys in Nigeria or where ever spending all their days scamming ppl for money to continue their larger illegal activity.

  • GangGang on 22/07/2018 - 08:32

    Bluff them and go for the "yup" deal. Make them sweat.

  • 13 on 22/07/2018 - 08:46
    +1

    I visit alot of porn sites…pleased my wife is well aware of my habits.

    • Speckled Jim on 22/07/2018 - 18:49
      +1

      Endless fun when you share a hobby ;)

  • sharkyoz on 22/07/2018 - 09:05

    id just tell them its about time i came out of the closet, and go ahead and release em…lol
    love screwing with em

  • Tamtim on 22/07/2018 - 09:27
    +1

    Definitely a scam. I remember reading this article :

    https://www.google.com.au/amp/s/amp.smh.com.au/technology/la…

  • StuffnStuff on 22/07/2018 - 10:28
    +2

    Sounds like a scam and a warning at the same time to make sure you have the latest antivirus/malware scanners installed. Also make sure you have secure passwords (upper/lowercase/numbers etc and nothing related to you such as your name or birth date). Enable 2 stage security on the likes of Microsoft & Google accounts so if your id & password are used anywhere besides on your device in your current location you get a notification instantly that you account has been accessed from somewhere else. Be more security conscious and make sure you don't click/open emails with links unless you know they are legitimate.
    Maybe just for piece of mind change/update your passwords.

    • pixxelpusher on 22/07/2018 - 13:25

      Yeah I agree, definitely a timely reminder that everyone out there be it hackers, corporations, governments are out to get your information and you should do whatever you can to maintain your privacy and anonymity. These days I use lots of blockers, network monitors, and VPNs but still can never be too careful.

  • HeWhoKnows on 22/07/2018 - 11:33

    Ignore it

  • OECK on 22/07/2018 - 13:19

    I would ignore it as it is clearly a scam. However, this is a good time to change the way you manage any of your online accounts. I am not affiliated with these guys, but lastpass.com is a great solution to password management. It is encrypted, and ensures you have a very, very complex password for each of your online accounts. All you need to do is install their app on your devices. There are other password manager sites and services out there, but I have not used any others so I can't give my opinion on them. You should take a look at them all and pick the best one for you.

    Regards,
    Peter @ Oeck.

    • pixxelpusher on 22/07/2018 - 13:33

      Thanks Peter, I've been using 1Password for the last year and it's been working well for my basic needs. Still need to migrate sites into it as there are many I'd have accounts on that I don't use regularly or haven't even been to for years.

      • OECK on 22/07/2018 - 19:07

        No worries!

        If you have an account with 1Password I would suggest changing all of your passwords asap, at least you will be able to avoid any potential future problems this way. Just remember to make a really good 1Password master password.

        Regards,
        Peter @ Oeck.

  • onetwothreefour on 22/07/2018 - 13:59

    Ask them to send you the vid, if they don't then they don't have it, if they do then you are screwed.

  • Sweet3st on 22/07/2018 - 15:04

    Yes I got this too… old Facebook password.

  • ozbjunkie on 22/07/2018 - 22:27

    Email back that you find it's interesting they have video of you, because you are using a desktop without a webcam.

    If they never reply, you win!

  • jenny43cat on 23/07/2018 - 03:09

    I got this one a couple of weeks ago, similar wording, wanting $1900. What freaked me out was that he DID have a password I have used in the past on several of my current sites - how would he have got that pw???.

    So I just changed the passwords that I needed to, ran virus and malware scans, and have had no further word from him and don't expect to, these guys are cowards.

    I also sent it to scam watch - https://www.scamwatch.gov.au/report-a-scam - though I don't expect to hear from them in reply. It never ever occurred to me to pay, never, never, never! I hope nobody does take the bait.

  • John Kimble on 23/07/2018 - 09:47

    You had me at "sextortion"

  • AlienC on 23/07/2018 - 13:50
    +1

    I would have asked them to continue to do so and eat popcorn while reading any comments I get from "friends and family hah" .. naked.

    My life is structured in a way that I don't really care what happens and embarrassment is actually a bonus sometimes in my weird and "quirky" life.

    Would be awkward at first imho but after awhile would just be a nice funny conversation piece to bring up or be brought up at random social occasions.

    But honestly who would care or matter that they knew or saw this.. the internet is for porn and ozbargain.

  • DarthAntz on 23/07/2018 - 13:56
    +1

    change the BTC address to your BTC address and forward the email to everyone on your mailing list.

  • AncientWisdom on 23/07/2018 - 15:28

    I wouldn't ignore it… I'd start using a password manager and check whether any of your passwords have been pawned. LastPass has a security check which is awesome to find which sites have duplicate passwords.

  • Zachary on 25/07/2018 - 17:50

    I got this exact same email, but got a password I don't recall using on any sites……but they somehow managed to find my email address to spam with….

  • Schmendrick on 28/07/2018 - 06:32

    Even Mark Zuckerberg keeps masking tape over his webcam

  • BigBirdy on 30/07/2018 - 14:57

    New York Times - An Old Scam With a New Twist

    If you have gotten a message from someone who claims to have dirt on you — and shows off, as proof, a password you’ve previously used — here’s what happened.

Login or Join to leave a comment
Login Join