Got a Ransom Email with Some Accurate Data

frostman on 14/03/2021 - 19:36

I got an email today starting with: "I know one of your passwords is <insert password> whilst visiting some website, etc.

the mentioned password is accurate!

He then goes on with some incorrect details:

When you were watching video clips, your web browser started out working as a Remote control Desktop with a key logger which provided me accessibility to your screen and also webcam. after that, my software collected every one of your contacts from your Messenger, Facebook, as well as e-mail. after that i created a video.

Now I dont have a webcam, nor do I have FB Messenger on my PC, no any contacts stored on the email that he addressed me to.

He's demanded $1,600 through bitcoin else he will apparently release a video showing me watching some explicit content on webcam.
Again, dont have a webcam, nor have i visited any explicit on my desktop pc..

How is it possibly he has an accurate (unique) pw to me, yet rest of the information seems to be a try-hard general which doesnt apply.
What can he do with this data?
Should I reply and troll him?

Internet

Comments

  • [Deactivated] on 14/03/2021 - 19:39
    +79

    First question: do you use the same e-mail and password combination on any other sites?

    Odds are that the database of one of the websites was "hacked", leaked, or just plain stolen by an employee and then sold off.

    That database may have stored your password in plaintext or a weak cipher and was cracked.

    Basically if all they've got is your username and password - then hop to it - change one of those details. Everywhere you use that combination. Either change your e-mail address. Or change your password. Because you know the combination is no longer safe.

    • lgacb08 on 14/03/2021 - 22:27
      +21

      yeah, definitely the case. I got that same email and just ignore it. I used to use the same login for quite a few sites at the beginning ages of internet but have move on so only those crappy sites that've fallen into oblivion has those information. Haven't hear anything back from the guy since.

    • CMH on 16/03/2021 - 02:29
      +4

      I got the same email and accurate password.

      Safe to ignore.

      • wozz on 16/03/2021 - 06:29
        +3

        same about 3 times. ignore.
        just make sure you dont use that password anymore :)

        • CMH on 16/03/2021 - 13:36
          +1

          It's the password for stuff I don't give a crap about, so I'm still using the same password.

          Mostly those "register for free to do this" sort of crap. No need to remember a million crappy passwords for services other people can get for free too.

          Tend not to use my real details on those sites neither, so being able to log in as me really doesn't do anything.

          • Franc-T on 16/03/2021 - 15:39

            @CMH: Whilst this makes sense, this habit puts you on the radar for scammers

          • nahkk on 16/03/2021 - 23:22

            @CMH: Check out bugmenot.com if you use a website infrequently.

          • OhmyRyzen on 17/03/2021 - 02:54

            @CMH: Please stop using that password.

    • Powlie85 on 17/03/2021 - 15:40
      +5

      Your password probably is on the owned list.
      https://haveibeenpwned.com/

  • avoidfullprice on 14/03/2021 - 19:40
    +14

    Shopback data breach?

    Seems most people here blame that incident on spam phonecall and situation like this.

    • pegaxs on 14/03/2021 - 21:25
      +87

      Nah, they gave everyone a $3 voucher after that happened… So we all good now.

      • FireRunner on 14/03/2021 - 22:52
        +63

        Where's my $3 voucher!?!?!?!

        • cameldownunder on 16/03/2021 - 16:39
          +4

          Hallo, I am from shupback, please PM me your username and password, and I settle everything for you.

          DONT — DONT — DONT — DONT — Joke Aert — Joke Alert. lol

      • jsb on 16/03/2021 - 12:04
        +4

        I guess I missed activating the deal. "Share your details with the world and get $3".

    • baller on 16/03/2021 - 22:17
      +1

      Got the same email. About 3 weeks after the Shopback breach

  • Melb69 on 14/03/2021 - 19:40
    +1

    I would not be using that computer and start updating all bank pw and main personal accounts

    • TK Deadwalker on 15/03/2021 - 22:54

      +1 Updating passwords

    • skittlebrau on 16/03/2021 - 00:44
      +17

      Nah, this doesn’t have anything to do with his computer.

      His username and password were harvested from a data breach and a scammer decided to do a bulk email to extort money from potential targets. Very common.

      Best to change that password and anywhere else the same one is used.

  • Jugganautx on 14/03/2021 - 19:40
    +73

    Its fake.

    Old account passwords get leaked through various services all the time. This is why you should change passwords periodically.

    I've had multiple of these emails as have a lot of people, a quick google search and you would have come to this conclusion yourself. Just ignore it.

    • mbck on 14/03/2021 - 19:52
      +20

      This. Ignore. Don't reply. They've got nothing but your old passwords.

      • frostman on 14/03/2021 - 19:56
        +2

        thanks dude, lost a bit of sleep over it.

        The password is very unique and unmatchable in bruteforce…so the fact that they had it got me worried.
        where they failed a little is to mention what site/service use it, so if it's like Zomato or some food rank website, i DGAF :)

        • mbck on 14/03/2021 - 20:16
          +8

          You can use that website have I been pawned. Then you can see where the data breach were.

          Stay safe!

          Ah yeh the guy below explained it.

          • [Deactivated] on 15/03/2021 - 16:55

            @mbck:

            have I been pawned

            You mean like those leaked videos that get release when couples break up sometimes and one of them feels vindictive?

        • SomeGuyOnOzB on 14/03/2021 - 21:06

          I read about this tactic over a year ago. Make sure the password is changed where you need to.

        • Vote for Pedro on 15/03/2021 - 19:37

          So what were you watching to have lost so much sleep over it

          ;-)

        • fredk1000 on 15/03/2021 - 22:25

          I see these at work frequently.

          Just change your passwords you think are compromised.

          Ignore them. Ignore all spam actually.

        • RevolverUpstairs on 16/03/2021 - 10:52

          Hope my comment isn't lost in your inbox - These emails are super common, I get maybe 5-10 a day due to my old passwords leaked 100 odd times. ITs an auto-generated email that is sent en-mass to thousands of people.

          Next steps for you to do:
          Virus scan your computer - I use malwarebytes
          Change that password
          Watch your inbox get another 50 of these emails and laugh them off.
          2FA as good hygenie.

          Sorry to hear you were stressed about it, really nothing to be stressed about though. :)

  • tabz on 14/03/2021 - 19:43
    +45

    Your email/password combo was most likely stolen from some website that had a data breach.

    You can check if your email address/password has been compromised here: https://haveibeenpwned.com/

    Change your password to any site using it and enable MFA where possible.

    But yeah, the rest is fake and you can ignore it.

    • frostman on 14/03/2021 - 19:53
      +4

      Thanks for that, first i've heard of this site.

      it suggests ive been pwned from a Zomato data breach.

      I did use the email in the ransom email, but couldnt confirm the password as they now moved to OTP to email…. you might be right… F zomato anyway

      • tabz on 14/03/2021 - 20:24
        +6

        If you reuse that same email/password combination in any other site (not just Zomato), I suggest you change those too.

      • Beanvee on 15/03/2021 - 19:28
        +4

        Time to start using a password manager to generate a unique password per website, so that if one gets leaked in a breach your other services aren't impacted.

        • Antikythera on 16/03/2021 - 11:36
          +1

          or just use a different suffix for every different site.

          <password>ozbargain
          <password>facebook
          <password>gmail

          <strongpassword>bank
          <strongpassword>ato

          <verystrongpassword>onlineGameAccount

          hackers are lazy and scripts wont see a pattern.

          • MrFunSocks on 16/03/2021 - 12:21
            +3

            @Antikythera:

            <password>ozbargain

            This seems good but it's not really any different to just having the password, because if someone gets your password then it doesn't take a genius to see that they just need to try <password>facebook for example.

            Password manager + 2FA + unique generated strong passwords is the go.

            • No ONE on 16/03/2021 - 22:04

              @MrFunSocks: I'm under the impression Antikythera is saying that is how people usually do and get hacked. So don't do it.

          • Tnetennba on 17/03/2021 - 08:55
            +3

            @Antikythera:

            hackers are lazy and scripts wont see a pattern.

            The problem is when these password dumps are leaked widely, many eyes are cast upon them and people will likely eventually manually see the clear pw (assuming it gets cracked or was stored in cleartext). Once someone sees an obvious word at the end relating to the data breach (e.g. they might ctrl + F for 'zomato' if that was the breached site) and then they will put 2 and 2 together.

            Avoid the chance and just use unique random passwords for every site. It isn't rocket science, even Google Chrome's option is good enough - as long as you secure your Google account properly (MFA without SMS option, etc.)

    • Wardy on 15/03/2021 - 14:57

      I just tried the website and only inserted the first four letters of my email address, then noticed no script had blocked some scripts so I allowed them which refreshed the page and the site stated I had been pwned. Rather poor I think.

      • SgtBatten on 16/03/2021 - 13:33

        Not sure what happened but the site has been a legit source of breaches for a long time. Mine have all been accurate in the past.

    • veej on 15/03/2021 - 16:52
      +3

      I know some of the results from haveibeenpwned are sites I have joined in the past but the passwords have been changed since and/or I don't care about them anymore. ​I've been using randomly generated passwords on sites for years so anything they get to wouldn't let them into other sites.

      I have a bunch too there that aren't mine - I have a very old gmail account with no numbers in it that gets people accidentally using it to register for things all the time.
      Even better is the first half of my email address is the same as the name of a company in Brazil so I get random unsolicited resumes sent to my email in Portuguese.

      • Antikythera on 16/03/2021 - 11:41
        +2

        random unsolicited resumes

        hmmm…i wonder if [email protected] is taken.

      • timmypete on 16/03/2021 - 17:37
        +1

        My domain name is one letter off a business coaching agency in Islamabad, Pakistan. Until I created an exception to the wildcard rule I got some weird and wonderful stuff (newsletter subscriptions, resumes, internal memos).

        All fun and games until one of them signed up to something from a Hezbollah affiliate and I had to declare it to my former employer!

  • PensionerXXL on 14/03/2021 - 19:49
    +3

    its already leaked homie :(

    @ https://www.youtube.com/watch?v=POG_IynHpjg

  • deme on 14/03/2021 - 19:51
    +2

    How is it possibly he has an accurate (unique) pw to me, yet rest of the information seems to be a try-hard general which doesnt apply.

    Stolen databases

    What can he do with this data?

    Change your password where.you use this, enable 2fa.

    Should I reply and troll him?

    No

  • Clear on 14/03/2021 - 19:58
    +13

    Should I reply and troll him?

    Never reply to these emails. You don't want them to know it's a real active email address.

    • frostman on 14/03/2021 - 20:00

      phew thanks for the tip - was going to mention something about the explicit video but yeah , nah

      • Clear on 14/03/2021 - 20:02

        This one time I had a client respond to one and they replied back pretending to be their secret 'mistress'. Unfortunately for the client his wife saw it and I had the fun job of trying to convince her it was a scam email.

  • Baysew on 14/03/2021 - 20:04
    +7

    Previous threads -

    Concerning Email Today Scam -Was in Junk Mail Folder
    Threatened by Hacker, Knows One of My Passwords

    You're in good company with DEvok and hellopam2019.

    • tomsco on 15/03/2021 - 07:33
      +6

      Oh course it had to be DEvok and hellopam2019 🤣

  • AndyC1 on 14/03/2021 - 20:09
    +1

    Google "Have I Been Pwned?" and have a good read up. One of the sites you have used has been hacked, but you need to find which one and deal with it.

  • jv on 14/03/2021 - 21:10
    +13

    Tell him to release the video.

    • Yummy on 14/03/2021 - 22:08
      +3

      Before that, ask the haxxor if they knows which hand did OP used?

      • Xistn on 15/03/2021 - 08:24
        +1

        ^ Actually this would be funny as…

      • michaelTito on 15/03/2021 - 20:15

        inb4 haxx0r is wrong by guessing either left hand or right hand.

  • AdosHouse on 14/03/2021 - 22:51
    +24

    I got one of those "we have video of you masterbating…..blah blah blah……pay or else we will release it to all your friends" emails. Well sucks to be them, I don't have any friends.

    • netjock on 14/03/2021 - 23:21

      Or you don't have a webcam. It is pretty amateur ransom email. But I guess they do it mass email and hope even a 1% of people will bite they will have a bit of money.

      If it was real video they had that would cost your reputation they'd be asking for more than $1,600.

      • AdosHouse on 14/03/2021 - 23:33
        +1

        LOL, yeah I didn't have a webcam, so it was a load of BS.

        • Donaldhump on 15/03/2021 - 00:21
          +4

          i couldn't give a rats if my mates saw a picture of me doing that…. up to them if they enjoy it.

    • CocaKoala on 15/03/2021 - 19:15

      I got one of those "we have video of you masterbating…..blah blah blah……pay or else we will release it to all your friends" emails. Well sucks to be them, I don't have any friends.

      I'd respond with something like "yeah, my friends are those people jacking off with me in that video", and they already have the video.

      • AdosHouse on 16/03/2021 - 06:46
        +3

        I was tempted to reply with, "so what do you think of my technique?".

  • McSquintus on 14/03/2021 - 23:07
    +4

    Use https://www.avast.com/hackcheck to check your email addresses.

    Avast sends you an email with the password and details, better than most pawned sites. If you receive an email you're not expecting, didn't sign up for you have doubts about, it's highly likely to be a scam.

    • CodeXD on 15/03/2021 - 07:45
      +1

      Thanks for this link! I was definitely surprised with which of my password has been leaked

      • McSquintus on 15/03/2021 - 09:02
        -1

        Try not to get used to your email addresses, once compromised you should be using a new one to avoid spam and scams. Same as with your mobile number, you will receive multiple daily calls from different phone numbers trying to scam you along with text messages although that is much harder to emotionally let go of!

    • HeyHeyHeyIsItADeal on 16/03/2021 - 18:35
      +1

      Dude… holy crap. Bookedmarked. Literally sent me an email of which websites and what password. lmao.

  • Donaldhump on 15/03/2021 - 00:20
    +1

    always put bluetac over your webcam before ……..

  • wombok2 on 15/03/2021 - 01:52
    +8

    You should watch a "Shut Up and Dance" Black Mirror episode on Netflix.

    sounds similar to your case and seems like the guys copied it haha.

  • ozbjunkie on 15/03/2021 - 07:29
    +2

    There was some awesome copy pasta detailing that one response is to make sure it's a really good video, send them an HD copy, set the lighting…

    Legend has it that one internet hero employing this deft plan resulted in the scammer sending one back.
    Romance is not dead people.

    • Loopholio on 15/03/2021 - 11:24
      +7

      This is terrible a advice.

      • lew380 on 16/03/2021 - 07:54
        -1

        What part? I'm genuinly curious

        • Castcore on 16/03/2021 - 16:15
          +1

          Having only 2 passwords for everything. Doesn't matter how strong the password is, don't use the same one on important sites/accounts.

          If you want to keep things easy and convenient at least use a password manager like bitwarden where you have one strong password/passphrase to access all your passwords but each password is strong and unique for each site/account.

          • lew380 on 17/03/2021 - 10:43

            @Castcore: Your forgetting device verification with emails and banks, you can't make it more complicated than it needs to be. A password is an unsophisticated way to protect any account, it just makes it a little more difficult.

            • Castcore on 17/03/2021 - 11:50
              +1

              @lew380: Sure there are other methods in place to make sure you're the one who's accessing the account (like 2 factor authentication). And they're excellent, but why not set yourself up with a bit of extra security and peace of mind if there's a data breach with one of your accounts, at least they won't have your credentials for all your accounts.

              I won't convince you not to do it, just pointing out what the bad advice was.

              Good advice would be to have a strong unique password for every account.

          • lew380 on 17/03/2021 - 11:52

            @Castcore: I keep the secure password for email and banks and systems where there is third party security, ie the password is useless unless they can also steal my phone and use that to verify a new device. Having multiple, strong passwords for each of your critical accounts(with third party verification) is redundant, if they can't hack any of them then your wasting your time with useless complications.

            I did have a data breach not too long ago with bank statements, they didn't get anything, the system stopped them easily and I just generated a new strong password and change it all across, I'm not remembering 3 or 4 strong passwords if I can just remember 1 with equal protection

            • Castcore on 17/03/2021 - 13:20
              +1

              @lew380: Having to change all your passwords doesn't sound much more convenient than remembering a few more if I'm being honest.

              I see your point and don't disagree with you though, until the start of this year I had the same password for literally everything. I just don't think it's good advice, especially since it didn't mention that there should MFA in place and just said "very strong password".

              I don't know enough about security to be able to comment on the added benefits of different passwords for MFA enabled accounts, logically it does sound like the same password may not be that damaging because without your phone they can't get in. But then again, if they did get your phone they'd have access to all your accounts not just one. Who knows? not me.

  • decademoon on 15/03/2021 - 07:55
    +6

    Use a password manager. Don’t reuse passwords.

  • Xistn on 15/03/2021 - 08:23

    I'm here to see the fap vid.. =D

  • Dejaar on 15/03/2021 - 08:37

    Ignore.It's a scam. Google that paragraph ('when you were watching video…..') and see

  • Chandler on 15/03/2021 - 11:47
    +1

    How is it possibly he has an accurate (unique) pw to me, yet rest of the information seems to be a try-hard general which doesnt apply.

    Yeah sounds like a pretty standard scam. They got your email and password from a hack/data breach. Email you with this story hoping you'll bite and pay.

    What can he do with this data?

    Probably nothing, apart from access any other websites/services where you've used the same/similar password (or password "formula"). Get yourself a password locker/manager and use long, unique passwords EVERYWHERE.

    Should I reply and troll him?

    You could, but you'd be wasting your time and only giving them more information i.e. email address is still active - they probably have no idea if the email address is even still in use

  • Pelicannn on 15/03/2021 - 13:18
    +3

    Ignore all previous suggestions and follow this:

    Step 1: Sign up to OnlyFans
    Step 2: Post said explicit video
    Step 3: Sue for copyright.

  • [Deactivated] on 15/03/2021 - 15:08

    https://krebsonsecurity.com/2018/07/sextortion-scam-uses-rec…

    It's called sextortion

  • Topdog on 15/03/2021 - 16:49
    +4

    I love this email, I always reply if you want to post videos of me self pleasuring myself on the internet go for gold. Im sure it will go viral, either get a bounce back the email dont exist or no reply at all.

    Go to this website: https://haveibeenpwned.com/ enter your email address and if any accounts are compromised, change the password, it may even have the account thats had its password details hacked and tell you where they got the password from. If this is no help. change all the passwords to your accounts where they have said that password to you.

    Dont use same passwords on important accounts IE: banking, I use the same password for all sites I dont care about that dont have sensitive or Identify data. Accounts that have sensitive data and or identifying data, ensure they are all different.

Login or Join to leave a comment
Login Join