Got a Ransom Email with Some Accurate Data

frostman on 14/03/2021 - 19:36

I got an email today starting with: "I know one of your passwords is <insert password> whilst visiting some website, etc.

the mentioned password is accurate!

He then goes on with some incorrect details:

When you were watching video clips, your web browser started out working as a Remote control Desktop with a key logger which provided me accessibility to your screen and also webcam. after that, my software collected every one of your contacts from your Messenger, Facebook, as well as e-mail. after that i created a video.

Now I dont have a webcam, nor do I have FB Messenger on my PC, no any contacts stored on the email that he addressed me to.

He's demanded $1,600 through bitcoin else he will apparently release a video showing me watching some explicit content on webcam.
Again, dont have a webcam, nor have i visited any explicit on my desktop pc..

How is it possibly he has an accurate (unique) pw to me, yet rest of the information seems to be a try-hard general which doesnt apply.
What can he do with this data?
Should I reply and troll him?

Internet

Comments

    • gromit on 15/03/2021 - 16:59
      +2

      never reply unless you like extra spam, all you are doing is confirming it is an active account, that in itself has value.

      • Topdog on 15/03/2021 - 17:23

        yeah i know! Google pretty good and stopping it. But yes i know it confirms account is active. never saw value though, i totally get it

        • gromit on 15/03/2021 - 18:59
          +2

          The value is in multiple ways, you get the extra targeted crap (easy to filter obviously) as you are flagged in the DB that is being sold and passed around as being active which increases the value of the account when onselling (so you are increasing their potential onselling profit for the POS that sent it to you in the first place), but it also flags you as someone they can maybe test your account with other sites, use the address with other information for potential targeted identity theft. you are also identifying yourself as a potential target for more well crafted spear phishing attacks that get past spam filters (still not to hard to spot but does require more vigilance).

          • Topdog on 15/03/2021 - 19:19
            +2

            @gromit: yes, i never thought about email addresses being sold as still active. So thanks for that, Ill no longer have fun when I get these type of emails.

            Asking the lovely Indian lady called Anne or Megan, to come and arrest me on the phone is ok isnt it? LOL, I get the call almost daily that the ATO is going to come and arrest me. I just tell them to hurry up and come and arrest me now, Ive been waiting months. They come from Mobile numbers now to, so sort of hard to block

            • gromit on 15/03/2021 - 19:31
              +1

              @Topdog:

              Asking the lovely Indian lady called Anne or Megan, to come and arrest me on the phone is ok isnt it?

              Geez I hope so, personally I offer them photos of various parts of my anatomy. I got abused by one of them on Saturday for being a pervert, made my day to be able to upset her so much.

    • capslock janitor on 17/03/2021 - 17:19

      macaroni in a pot

  • gromit on 15/03/2021 - 16:54
    +1

    there are a ton of databases available with passwords and account names. As has been suggested you should be checking haveibeenpwned regularly. What this email simply means is you have been lax at updating your password. The email you got is a common spam one just with the name and password being auto inserted from a DB hoping that you have been guilty of something and are scared enough to pay rather than risk it.

    try to update your passwords more often, use a password safe if you need to or come up with a unique scheme/pass phrase that makes it easy for you to remember.

  • [Deactivated] on 15/03/2021 - 18:01
    +1

    Sounds like an email Gmail would filter straight to Spam.

    • Topdog on 15/03/2021 - 19:22

      99.99 percent of the time yes, now and then ill still get the I have you self pleasuring yourself video ransom pop straight up in my main inbox. its rare though.

  • Mistredo on 15/03/2021 - 18:50

    The best thing is to have a different password for each site then you can identifiy where they got your password. The same thing happened to me, but because I use a different password everywhere I was able to identifiy the website that leaked my information.

    • McFly on 15/03/2021 - 19:06

      I also use a different e-mail (alias) for each site so I can see who's being dodgy with spam or passing on information.

  • Philthy on 15/03/2021 - 19:10

    in cyber security , youre told to never pay a ransom..cause theres a real chance the perps will just demand more afterwards

    • MrFunSocks on 16/03/2021 - 15:48
      +1

      Not that simple. Most people that got hit with the crypto locker viruses and paid would get their data back once paid because if they didn't then word would spread very quickly that you won't get your data back so you shouldn't pay.

      • Philthy on 17/03/2021 - 00:33

        of course there's always exceptions. in one case I was handling , a ransom group charged too low , so the victims ignored it thinking it was a joke lol. Only when they jacked the price up , was there more concern.

      • parismeow on 17/03/2021 - 16:08

        Totally agree with you on this - but you have also just shown that you are willing to pay for your data and that you actually exist (sometimes they are just phishing). So now, the chances that they are going to try and get your data again is more likely.

        • MrFunSocks on 23/03/2021 - 17:06

          Huh? I would know if they're phishing because my computer isn't encrypted…..

  • michaelTito on 15/03/2021 - 20:17
    +5

    this is like the reverse Onlyfan. They watched you masturbate and ask you to pay them money.

    • Serapis on 17/03/2021 - 22:10

      Lol thanks, I can't unread this now and I hate it…

  • spriggan43 on 15/03/2021 - 20:19
    +9

    Send a explicit video of yourself back and demand $1,600 through bitcoin else you will continue to send them videos.

  • Raj09 on 15/03/2021 - 20:32
    +1

    Ignore it and tell them that whatever they have has already been disclosed and is well known by your friends and family.

  • eggles01 on 15/03/2021 - 21:58

    same one I got,look for anti virus that includes ANTI RANSOM download and enter,good luck

  • eggles01 on 15/03/2021 - 22:00

    by the way,they sent the message from my email account to me in the same email account so act quickly

  • bigbadboogieman on 15/03/2021 - 22:49
    +1

    https://haveibeenpwned.com/ is a genuine Aussie maintained website which keeps track of popular data dumps and allows you to search for your emails and passwords that may have appeared in hacks followed by a data dump. Check out your email address and password on this website to see if it was part of a hack. This could give you an idea regarding where your information was stolen.

    Recommendation is to change all of your passwords where you may have used the same password, activate multi-factor authentication, keep a backup of files that you feel are irreplaceable over some private cloud (to protect against encryption/randomware attacks) and then ignore the ransom email.

    • [Deactivated] on 17/03/2021 - 03:11

      Apparently I have been along with 700 million others, it'll take a while to get through.

      I keep my serious private matters on a seperate email, but always pays to be careful and keep changing passwords.

  • shiny1 on 15/03/2021 - 23:20
    +2

    Delete the email and move on. Do not reply. These guys mass send emails and will target ones who hit back.

    I got the same email last year. Even if they truly did have videos of you watching porn (they don't), so what? Are your friends going to laugh at you and your parents disown you?

  • liongalahad on 16/03/2021 - 02:10

    Got the same email with an old unsafe password I used to use, which I know has been hacked before (the chrome password security tool advised me on that). They try to scare you by telling you your password so you believe them. Every 100 email they send, they probably find one that believes them and gives them money.

    Just ignore it.

  • imurgod on 16/03/2021 - 07:31
    +2

    It's an old scam. It's fine the rounds. Ignore.

  • sharkie0123 on 16/03/2021 - 09:30
    +1

    Step 1 : do not open any links in emails unless u have asked for said link even from friends and family.
    Step 2 : format pc / reset phone or Tablet.
    Step 3 : Reset all passwords to websites emails and accounts, focus on important ones first i.e. emails/banking first
    Step 4 : delete any emails you dont recognise,

    Sleep peacefully

  • momo1988 on 16/03/2021 - 09:36

    I remember driving home from work 1 day and seeing an email like this. Got a mighty shock out of it but a quick google search shows that it's a typical scam and it's related to a password breach. Change your password and move on.

  • Oneguyinmelb on 16/03/2021 - 09:44

    Vice did a video on this exact email scam last week - https://www.youtube.com/watch?v=pHW1p6QNTtI

    It's just a bot that spams thousands of users and snags the occasional sucker. The likelihood of someone using "Porn6969" as a password for pornhub is much more likely your bank or facebook page, so it seems semi accurate. They rely on stupidity and fear.

  • payless69 on 16/03/2021 - 11:02
    -1

    Do some yoga to relax and re-organise the brain. Learn how to seperate things that matter financially and socially. then:

    Head down to a pc store to get a "clean" pc to do ALL financial work. Never miss an upgrade, never allow to store a password. Reset all browsers to be free of passwords!

    Keep a secred book for the times you find it hard to remember passwords. Use caution to have passwords reset via email, NEVER use this option for financial matters

    Use the old pc for ALL "dirty" social time.

  • Ordinance on 16/03/2021 - 11:37
    +1

    Ask him if he's the hacker mentioned in this LA Times article.

  • SpaceNinja on 16/03/2021 - 14:13
    +2

    I received a similar email, ignored it. After some days I went viral on social media. Just kidding, nothing happened.

    • Serapis on 17/03/2021 - 22:08

      You could've ended up being Kim Kardashian (I'm not sure whether this counts as a praise or an insult lol)

  • [Deactivated] on 16/03/2021 - 15:00
    +1

    deleted, linked by others already

  • fullmetal on 16/03/2021 - 15:14
    +1

    Investing in bitcoin now to prepare for ransom

  • MrFunSocks on 16/03/2021 - 15:50

    Was your password hunter2?

    • Blue Cat on 16/03/2021 - 19:30

      qwerty123

      • MrFunSocks on 17/03/2021 - 11:52
        +1

        That just shows to me as *********!

  • CalmLemons on 16/03/2021 - 16:07
    +1

    Typical scammer.

    They have your e-mail and password and just send it hoping for there to be a moron on the other end.

    Ask them to send you $50 so it can cover your costs for getting a friend to help send the bitcoin out to them, as your friend who is a nigerian prince has been having a hard time recently and you need to pay for his services. Your aunty could give you the money but you rather not take favours from family.

  • mezje on 16/03/2021 - 20:00

    Goes without saying to not use that password anymore.

    100% a database leak. I got one of these a few years ago and it was a password I had not used since maybe even 2009, just seeing it gave me a good chuckle as it was a load of bologne I used on websites that seemed sus.

  • [Deactivated] on 16/03/2021 - 22:02

    Maybe this: https://www.news.com.au/technology/online/hacking/hackers-ac…

    I got some funny calls with pretty accurate details but was well oware of the news.

  • bolt on 17/03/2021 - 00:15
    +1

    I work in cybersecurity (before someone asks about my last comment, I moved from fraud to cyber) and this is a very common tactic. It's been said by other commenters before, but your password was 100% compromised in a data breach and dumped online. Scammers trawl these kinds of dumps for username/email and password combinations, which are commonly used by people across multiple sites, and then simply bulk email the entire list with templates saying they've got explicit videos of you and demand money in bitcoin to not release it. It's a very common technique and I've seen this exact template at work for the last couple of years - obviously it works since they keep doing it. Simply delete the email, and change your passwords, you have nothing to worry about here.

    General security advice - don't reuse the same password across multiple sites. Best to use a password manager like Bitwarden to randomly generate your passwords and keep each one unique to each site you use. The password in your original post may have been complex and difficult to brute-force, yes, but it's not much use if it's shared across all your logins and is compromised in a breach of an insecure site.

  • snivy on 17/03/2021 - 03:52

    Glad to see this being discussed here, I guess it's more widespread that I thought it was. I got the same email, and I had retired that password a long time ago… probably almost a decade ago.

    In my case I discovered it it as a part of database that has been posted online to a lot of different places, including Facebook (which upon reporting they still wouldn't take it down rolls eyes), so I assume it's from some old databases.

    But if you're still using that password better change it.

  • [Deactivated] on 17/03/2021 - 11:25

    ‘ nor have i visited any explicit on my desktop pc’

    SIR! Please, we’re all friends here.

  • trapper on 17/03/2021 - 12:46

    It's fake.

    But take this as a wake up call to get a bit more serious about your passwords.

    Use a password manager like Bitwarden and go through all your various logins and change the passwords to a randomly generated one.

  • RocketSwitch on 17/03/2021 - 15:09

    I have got 15 of those emails in the last 2 years.

    Safe to say now, I'm famous on Pornhub!

  • mubd1234 on 17/03/2021 - 15:18

    My dad got the same email. His computer doesn't even have a webcam so it doesn't make any sense. Don't worry, it's just a scam and probably got your password from a cyber breach (and highly uncreative - it's stolen from a Black Mirror plot).

  • Pains33ker on 17/03/2021 - 16:44

    I work as an IT professional and have encountered this alot. This email is likely come about from a data breach of a large organization. This is actually more common than you think. You can check if/what information has been listed on the dark web by googling the site haveibeenpwned and entering your email address. I'd suggestion changing passwords for each. Also 2 factor authentication, although annoying, works really well.

  • lysp on 17/03/2021 - 17:58

    I regularly get these emails, from a password that's over 10 years old.

    I just ignore.

    After a breach about 5 years ago, I now use a password manager and a randomly generated password unique to every website.

  • giventofly on 17/03/2021 - 20:49
    +1

    I got it too, just delete and then change any accounts that use that password.

    It originates from a data breach

  • Serapis on 17/03/2021 - 22:05

    Delete, they probably found your email and an online account associated with that email somewhere (e.g pastebin from some breach). It seems like a generic template and since you don't even have a
    webcam, just delete and move on…

  • kaleidoscope on 18/03/2021 - 08:21

    it’s a typical templated email from the scammers. All they do is grab hold of password from leaked password sites and spam the victims.
    Received the same email some time ago and realised I had even deleted account for a service which had that password long ago. Simply ignore and change your passwords to services which had that password or add 2FA for added security.

Login or Join to leave a comment
Login Join