Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | Quell Pain Relief Review | Browse the Web Anonymously | Complete Guide to Facebook Privacy

Top News Stories

author photo

Is the Porn Blackmail Scam Real?

by on March 12, 2018
in Computer Safety & Support, News, Computers and Software, Blog :: 446 comments

What would you do if you received an email from someone claiming to have hacked your computer and recorded you via your webcam while you were engaged in watching porn, then threatening to send the video to everyone in your email and social media contact lists if you don’t pay a $260 ransom? Would you pay the ransom? Even if you’ve never viewed porn, what if they made the same threat to reveal the private details of all your emails?

This is exactly the situation some of our readers found themselves in recently, and they contacted us for help on how to proceed.

Here is an example of one the emails [grammatical errors left intact]:

Good Morning my friend. I represent the group of web criminals in Iran. I use this mail address because we think that you will check it. Few times ago my team put the virus on web-site with porn and as far as you clicked on a play button your system started shooting your screen and activating camera to capture you self-abusing. Eventually I mean you understand what compromising evidence Ive earned. Moreover, this software made your device act as dedicated server with plenty of functions like keylogger, parser etc. To sum up, my software picked all data, especially all your contacts from messengers, e-mails, social networks. If you wanna make me silent you must make a transaction of 260 dollars with bitcoin. 1K2auXQEKz7Ro8cRa2xr3bAPV2n6KT5vi1 You must use it as usual credit card number. If you send bitcoins nobody will see your shame. Watch youtube manuals about methods of buing BTC... I can offer you this exchanger: localbitoins.com.  If you have a problem with this, you can search comfortable ATM for bitcoin at coin atm radar. I give you no more than twenty four hours since you read our message to pay. You can complain cops, but they can not find us I use bot network, and of course we live abroad. If you want us to show proofs we will share it to seven mates from your data after that you will be given their contacts. So you will ask them if something strange was received about you. For some questions just reply. Dont be fullish, AmAZinGcRackeR$.

Scary, right? And there have been instances where victims’ computers were hacked, they were filmed in various states of undress (or worse) and then blackmailed that may make this threat seem all too real. But there are several indications that this is nothing more than a phishing scam, hoping to rope in active porn watchers with false threats (an easy demographic to target via mass email given that the world’s largest porn site, Pornhub.com, gets 75 million visitors PER DAY).

First, there is nothing in the email that demonstrates they know anything personally about you: it’s not addressed to you by name and there’s no detail about what site you supposedly visited and when. Nor did they supply a screenshot of the “self-abusing” they allege to have captured. In fact, they are explicitly discouraging you from asking for proof, by threatening to share said “proofs” with your “mates” if you ask. That is completely contrary to how we would expect a real hacker/blackmailer to act – if I wanted to scare the bejesus out of you to get you to pay, the first thing I would do is show you a compromising screen capture to prove that this is very, very real.

Another red flag is that when our readers ran scans using antimalware tools, no malware was detected. Antimalware tools aren’t perfect, but the better ones should have picked up the type of remote administration tool (RAT) described in the email.

Searching the web, there are reports of people receiving similar email scams, going back at least to last fall. The wording of the email varies, including where the scammers claim they’re from, the nature of their threat and the amount of money being demanded. Some people are falling for them, but fortunately not many. I researched a selection of the bitcoin accounts used in these scams and none of the emails had duped more than a handful of victims.

Unfortunately, these scams will likely continue and morph into new threats as the ubiquity of bitcoin makes it easier for scammers to hide behind these accounts and for victims to pay.

So, if you get one of these emails, should you pay the ransom before all your friends find out what you’ve been up to?

The answer is no, don’t be “fullish”.

[EDITOR'S NOTE 7/12/18: A number of people have posted in the comments that they received a version of the email which includes a real password they've used in the past. Does this mean that they should be concerned? The answer is No and Yes. No, you shouldn't be concerned that your computer was hacked and you were actually filmed watching porn - it's still a scam. But, yes, you should be concerned that your password has been leaked through a data breach. Security researcher Troy Hunt has uncovered more than 500 million passwords leaked through these breaches. That password in the email was likely one of them. 

If it is still an active password for you, the scam email should be a big wake up call that you need to ensure you are using unique and secure passwords for every one of your accounts. We strongly recommend a password manager like Dashlane or 1Password , which will automatically check your passwords to see if they have been revealed in a breach and help you create unique, secure ones for every site.]

[EDITOR'S NOTE 7/20/18: One reader reported receiving an attachment titled "Invoice" with the porn scam email. If you get an attachment, DO NOT OPEN IT. Email attachments are one of the primary ways hackers use to install malware on your computer, which could turn this fake malware scam into a very real one.]

[EDITOR'S NOTE ABOUT EMAIL SPOOFING 10/19/18: Many readers are commenting that the porn blackmail email appears to be sent from their own email address, causing added concern the hacking claims may be real. But don't be fooled. Email spoofing has been around for long time and is relatively easy to do. Usually the message headers will reveal the true sending email address. Here's how to tell if an email has been spoofed.]

[Image credit: Man in a dark room at a computer via BigStockPhoto]



Discussion loading

gravatar

Received email 22/10/18

From MJ on October 22, 2018 :: 6:01 am

So I received the following email this morning and had my work email as the sender…...................

My nickname in darknet is peder78.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from ‪(work email) is Xxxxxx.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $830 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 1NXNt72qfMhPZDffUEqryCYpEUzyR6LmgH
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
Good luck!
******************

My biggest concern is that it states my work email and password and references access to contact and social media etc. I have visited a popular pornsite previously and also visited an adult dating site. The English seems pretty good. Should I panic? Josh thoughts?

Thanks.

Reply

gravatar

my email is hacked

From Denis on October 22, 2018 :: 9:04 am

I’ve received an email from
My nickname in darknet is zacherie99

My nickname in darknet is zacherie99.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

He has my email address and the exact password I was using a long time ago.

It goes on to say that

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I am very scared that this is real threat. Is it possible that this is just scam or should I be really worried

Reply

gravatar

Hacked

From Rob on October 29, 2018 :: 5:14 pm

I received an almost identical email 10/28.  I also received a slightly different one a few weeks ago. Certainly very unsettling.  Mone asked for $240.

Reply

gravatar

I recieved this e mail from my own mail adress

From i dont know on October 22, 2018 :: 9:24 am

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from (my e mail adress) on moment of hack: (some password i have used but not for this e mail - and last time i changed my password was 5 years ago so its not correct at all)

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $871 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy

If you do not know how to do this - enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen - all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure ...

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Reply

gravatar

Same received

From Idk on October 25, 2018 :: 6:01 pm

I got the same one yesterday

Reply

gravatar

Same

From E Wei on November 01, 2018 :: 10:36 am

I got this same one today (well, just noticed it today) and they had one of my old passwords from a long time ago.  One question though - are hackers able to take screenshots or record through a phone camera? iPhone camera, to be more precise

Reply

gravatar

Also,

From E Wei on November 01, 2018 :: 10:37 am

thanks for this article, Josh. Panicked a little even though I didn’t have reason to haha.

Reply

avatar

No. Yes. Well, maybe.

From Josh Kirschner on November 01, 2018 :: 5:22 pm

If your iPhone is not jailbroken, then it is very difficult to install spyware of that nature. The only situation I’m aware of where iPhones have been hacked in this way is via extremely expensive software used by state spy/law enforcement agencies. To my knowledge, this has not made its way into the general hacking world. So yes, it’s possible. But unless you’re a criminal target (or a political dissident or independent journalist in a country that frowns on those things), it’s highly unlikely this would happen to you.

Reply

gravatar

Just Relax

From Mike on October 23, 2018 :: 11:03 am

For any one still worried about such emails, even after reading the many comments and examples on this site - my advice is to relax. Denis, you don’t need to be scared by this.

I received the first email like this about 6 months ago. I was on holiday and didn’t read it until days after the time limit had expired - and nothing had happened… Most recently, I received two last week, where the darknet name came up for the first time (ooh, scary). Again, my deadlines have expired and nothing has happened.

As others have pointed out, If these scumbags had anything, they’d send you a sample in the email to make sure you took them seriously. All they have on me is a public domain email address that I use on my website and a very old password used only on sites where the hacking of their data could have no impact on my life. The junkmail folder is too good for these messages. It is just a pity the people sending these messages can’t be locked away, where they belong. My suggestion is to make sure you password security is up to scratch and move on.

Reply

gravatar

So many different sender emails

From Rockynator on October 23, 2018 :: 12:26 pm

I got this from ” Orren Gennari ” = orrenlin137@mail.ru

“xxxxxxxxx is o‌n‌e o‌f your pass wo‌rds. L‌ets g‌et di‌r‌ectly to‌ th‌e po‌i‌nt. No‌t o‌n‌e p‌erso‌n has co‌mpensa‌t‌ed m‌e to‌ inv‌esti‌ga‌t‌e about yo‌u. Yo‌u do‌ no‌t kno‌w m‌e a‌nd you’r‌e mo‌st li‌k‌ely thi‌nki‌ng why yo‌u ar‌e getti‌ng thi‌s ‌e mail?

W‌ell, i‌ i‌nstall‌ed a‌ malwa‌r‌e o‌n th‌e xxx vi‌ds (po‌rno‌) web si‌t‌e and guess wha‌t, yo‌u vi‌si‌t‌ed thi‌s w‌eb si‌t‌e to‌ exp‌eri‌enc‌e fun (yo‌u kno‌w wha‌t i m‌ea‌n). Wh‌en yo‌u wer‌e vi‌‌ewi‌ng vid‌eo cli‌ps, yo‌ur bro‌ws‌er sta‌rted o‌ut functioni‌ng a‌s a R‌emot‌e co‌ntro‌l Desktop that has a key lo‌gg‌er whi‌ch pro‌vid‌ed m‌e with a‌cc‌ess to yo‌ur di‌spla‌y scr‌e‌en a‌nd a‌lso w‌eb cam. after tha‌t, my so‌ftwa‌re pro‌gra‌m gath‌ered your ‌enti‌r‌e co‌nta‌cts fro‌m yo‌ur M‌ess‌eng‌er, social n‌etworks, and ‌ema‌i‌l . a‌nd then i mad‌e a‌ vi‌d‌eo. Fi‌rst pa‌rt di‌spla‌ys the vi‌d‌eo you w‌ere vi‌‌ewi‌ng (yo‌u have a go‌o‌d tast‌e lo‌l . . .), a‌nd s‌eco‌nd pa‌rt sho‌ws the r‌eco‌rding o‌f yo‌ur ca‌m, & it is u” ... continue…

Reply

gravatar

... i even do not have a camera in computer.

From Rockynator on October 23, 2018 :: 3:35 pm

So i do not nothing but only clicking “answer”-button and then senders name , so i see that my email proba ly comes from Russian.
ip-address i like to searcu but i do know how

Reply

gravatar

Business Insider article on this topic

From Terry on October 23, 2018 :: 1:57 pm

Take a look at https://www.businessinsider.com/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7

Reply

avatar

Yeah, same thing

From Josh Kirschner on October 23, 2018 :: 7:56 pm

BI was a little late to the game (we reported on this four months earlier) but, yeah, same thing.

Reply

gravatar

??

From micaela on October 23, 2018 :: 11:48 pm

hello!
my nickname in darknet is harv67.
i hacked this email more than six months ago. through it i infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

so, your password is****** from ***********
even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

i have access to all your accounts, social networks, email,browsing history. accordingly, i have the data of all your contacts, files from your computer,photos and videos.

i was most struck by the intimate content sites that you occasionally visit.
you have a very wild imagination, i tell you!

during your pastime and entertainment there, i took screenshot through the camera of your device, synchronizing with what you were watching. oh my god! you are so funny and excited!

i think that you do not want all your contacts to get these files, right?
if you are of the same opinion, then i think that 899$ is quite a fair price to destroy the dirt i created.

send the above amount on my btc wallet (bitcoin):1NXNt72qfMhPZDffUEqryEUzyR6LmgH as soon as the above amount is recived i guarantee that the data will be deleted, i do not need it.

otherwise these files and history of visiting sites will get all your contacts from your device.also, ill send to everyone you contact access to your email and access logs, i have carefully saved it!

since reading this letter you have 48 hours! after your reading this message, ill recive an automatic notification that you have seen the letter.

i hope i taught you a good lesson. do not be so nnonchalant , please visit inly to proven resources, and dont enter passwords anywere!
good luck!

i use my cellphone to open my emails, im assuming this is also a scam but i also noticed it was a bit different than some of the others people received, one thing that tipped me off after i got over the panic was that the password was the first one i ever used and was around 12 years old. i had changed it to something more secure years and years before i received this email i got it on the 20th of October and it has been well past the deadline and my “dirt” has yet to be sent out as far as i know.

Reply

gravatar

Am I in trouble

From Jimmy 2shoes on October 24, 2018 :: 2:43 am

My email I got is very similar to these.

However they had my password mentioned in it for this one email address which was it or at least very close to it woth a number at the end missing.

Plus they sent it from the email that was hacked to my main email I use - so not sure how they got that and I guess that’s why I’m a bit more worried.

Reply

avatar

Did you read my note above about email spoofing?

From Josh Kirschner on October 24, 2018 :: 7:57 am

I talk about email spoofing in the article above. That should alleviate your concerns.

Reply

gravatar

Similar email

From Amy on October 24, 2018 :: 6:02 am

I received a similar email but due to some other personal reasons and safety decided fo delete the account permanently.
Did I gain more attention doing that? I’m really concerned.

It mentioned something like, “remember months ago that your account was hacked, it was me. Proof is that this email comes from your addresss and I have the password you had by then (mentioned an old pass) probably you already changed it but it doesn’t matter I already have it” ... and so one asking bitcoin and same menaces previously mentioned.
Thanks.

Reply

gravatar

Scammer is using my email address

From Karen on October 24, 2018 :: 10:51 am

I have received two emails as above, but both have been sent from my own email address. I’ve clicked in the headers and it’s still my email address. They also quoted one of my passwords, although it’s not the one I have for my email account as they say (but could have been before) What should I do? Thanks for any help.

Reply

avatar

Another spoofing example

From Josh Kirschner on October 25, 2018 :: 12:51 pm

I explored this issue with Karen and we confirmed that it was another example of spoofing. In this case, the sending IP address was a server host in South Africa, not Microsoft, which makes it pretty clear the email was not really coming from a Hotmail account. Also, for those who want to get a little more technical, the SPF authentication was a “SoftFail” because the sending server (in South Africa) was not authorized to send for that domain (hotmail.com). Only legitimate emails should result in an SPF “Pass” result.

Reply

gravatar

Filtering out these messages

From SystemAdmin on October 25, 2018 :: 12:18 pm

We have been plagued with these on a number of client sites. Most of them use Exchange Server so we added this simple transport rule at the organizational level to intercept them. It looks for the word “bitcoin” in the message body and redirects it to another mailbox for review.

New-TransportRule -Name ‘Filter out BITCOIN messages’ -Comments ‘Re-direct any messages with the word BITCOIN in them’ -Priority ‘0’ -Enabled $true -SubjectOrBodyContainsWords ‘bitcoin’ -RedirectMessageTo ‘System.Administrator@ourdomain.com’ -ExceptIfFromScope ‘InOrganization’

A similar approach could be used with other SMTP servers.

Reply

gravatar

Fake emails?

From Sally Jones on October 25, 2018 :: 10:05 pm

I’ve rec’d similar email, but my ransom is $6000 bitcoins ; should the large ransom be indication of a real case?

Reply

avatar

No.

From Josh Kirschner on October 25, 2018 :: 10:14 pm

Bigger ransom just means bigger scam.

Reply

gravatar

Job Applications

From Rick on October 26, 2018 :: 7:08 am

More than the sextortion threat, scam emails received as a job application almost got me. In my work email, I got the following email for the first time.

Good Afternoon,
My name is [name removed]  and I’m interested in a position.

I’ve attached a copy of my resume.
The password is “1234”

Thank you!


My company is actively receiving real applications, and sometimes people do send email directly (I suppose), so it looks legit. I did open the attachment and foolishly typed in the password. Thankfully MS Word detect a macro and disabled opening, so hooray for using the latest version of MS Word.

Reply

gravatar

Time has passed but wait there’s more...

From Mr Smith on October 26, 2018 :: 3:14 pm

I too received an email with darknet nickname, my work email and password requesting bitcoin or they would reach out to contacts exposing habits etc.

The time has now passed and nothing has happened. The spoofing notes by editor answers how they used my work email as sender. Still blows me away though that when I tap sender it accesses my personal contact details in phone.

I think the subscriber who referenced ‘exchange’ is on to something because I’m pretty sure my work email is powered by exchange. But also because I received another email to the same address this morning informing me that some terms and policies have been updated and to access the link for more. Although it’s not requesting anything the red flag is that once again sender is me. The organisation I work for would not send emails this way. Needless to say I will not be touching the link and have since forwarded it on. Unlike the initial email this did not mention any hot words like Bitcoin so I’m guessing this is why the email came through to my inbox without any attention or warning from my employer.

Maybe it’s time for my employer to change my email if I continue to receive emails similar to these in the future.

Josh, appreciate your follow up notes in thread.

Reply

gravatar

He used my cell number and my first and last name. What do I do

From Shalom on October 26, 2018 :: 4:12 pm

is your password. Lets get directly to the point. You may not know me and you’re most likely thinking why you’re getting this e mail? No person has compensated me to investigate you.

Well, I placed a software on the 18+ streaming (pornography) web site and there’s more, you visited this site to experience fun (you know what I mean). While you were viewing videos, your internet browser started out working as a Remote Desktop that has a keylogger which gave me accessibility to your display and also cam. Just after that, my software collected all of your contacts from your Messenger, social networks, as well as e-mail . And then I created a double video. 1st part displays the video you were watching (you have a good taste lmao), and 2nd part shows the recording of your webcam, yeah it is u.

You have two different alternatives. Lets take a look at these types of options in aspects:

First alternative is to neglect this e mail. In this case, I am going to send out your actual recorded material to every single one of your contacts and also just consider about the shame you feel. Do not forget should you be in an affair, precisely how this will affect?

Other solution will be to give me $7000. We will call it a donation. Subsequently, I will right away erase your video recording. You can continue your daily life like this never happened and you will not hear back again from me.

You’ll make the payment through Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 1BsdGwXrznfFy3XdqnVvybeoaLhLsmsjZT
[CASE-sensitive, copy and paste it]

If you may be wondering about going to the police, good, this mail can not be traced back to me. I have taken care of my steps. I am just not trying to ask you for so much, I simply want to be paid for.

You have one day to pay. I’ve a special pixel in this mail, and right now I know that you have read through this mail. If I don’t receive the BitCoins, I will, no doubt send out your video to all of your contacts including friends and family, co-workers, and so on. Having said that, if I do get paid, I will erase the video right away. If you need proof, reply with Yes! & I definitely will send out your video to your 14 friends. This is the non:negotiable offer therefore do not waste my time and yours by responding to this e mail.

Reply

gravatar

$6000

From Just a random hit on October 26, 2018 :: 4:31 pm

My email asked for $6000….
I figure if it was real they’d ask for something I might be able to pay since I sure couldn’t pay that even if I wanted to.

Thanks for the information though since I always research anything I think could be a scam this really made me feel better.

BTC address:
18yRj6Nn3UEgmD8cnV5LgshzS5r3Vu3iEv
Sender was listed as Aaron@Smith968.edu

Reply

gravatar

A new wrinkle

From Pa on October 26, 2018 :: 9:35 pm

Someone tried to scam a friend accusing them of having child porn on his computer. The thing is that apparently they had remote access to his computer and parts of his computer are not working since he failed to pay the extortion demand. How can you recover the computer? And make sure they didn’t plant child porn in the process?

Reply

gravatar

From email is actually mine?

From Rh on October 27, 2018 :: 3:10 am

I got this and wasn’t worried as I get lots of junk but the email it is sent from is actually mine. Says ‘Me’ when I click on it it comes up with my real email and my whole contact info. Does this mean there is someone using my account?

Reply

gravatar

Is it a scam?

From Alice Khayinza on October 27, 2018 :: 10:22 am

Received a similar email today . .
Asking for 859$ in bitcoin with a link to where I should send the money.
Given 48 hours to do so otherwise all my contacts will be given salicious pictures of me. I have never logged onto a porno site in my life. Now they say they have pictures of me through their malware on phone doing what they exactly I don’t know. The password is one I used on Pinterest. Should I be worried!

Reply

gravatar

Email sent from account

From User on October 27, 2018 :: 11:40 am

Have I been hacked? I have received the same bitcoin email, but it was sent from my own account?

Reply

gravatar

ACTUALLY sent from my address

From Julia on October 28, 2018 :: 12:45 pm

So, I keep getting a whole bunch of similar emails to this, but one ACTUALLY was sent from me, to me - I checked my Sent folder and the emails was there

Reply

avatar

hmmm...Are you sure?

From Josh Kirschner on October 29, 2018 :: 10:39 am

It’s certainly possible that someone hacked your email account and sent the email from your own account, but this is the far less likely scenario.  And, frankly, if a hacker has access to your email account, there are far better ways to rip you off than through a lame pron blackmail scam. Are you sure you don’t have mail forwarding to yourself from an older account that may make it seem like it you sent the original? If you think it was sent from your account, it would be safest to follow our steps for what to do when your email gets hacked.

I would also be willing to take a look at the header information of the original email (I would need to see the full headers), if you can take a screen shot and send it to me. josh at techlicious dot com.

Reply

gravatar

yeah, I'll pass the header

From Julia on October 29, 2018 :: 7:20 pm

yeah, I’ll pass the header info along. And since it’s in my Sent folder, I’m not sure how that would make it “seem” like it came from my own account. Wouldn’t that only show emails that came from that particular account? How in the world could someone spoof that?

Reply

avatar

Good news - not sent from your address

From Josh Kirschner on October 30, 2018 :: 5:00 pm

I took a look at the header info you sent me and it was clearly not sent from your email. The sending IP address is from an unrelated company in Japan (and it failed its SPF validation, too, as a permitted sender for your domain).

As to why it is appearing in your sent folder, I think that is just a function of how your email interface is handling the spoofed address. Since your real email is in the “From” field (even tough it’s spoofed), your email system must be pulling things into your “Sent” folder based on that.

gravatar

Why is it not possible to?????????

From Gerry Rigley on October 29, 2018 :: 3:58 am

I will start by admitting that I am a complete TECHNOPHOBE I can switch my computer on and off, read my emails and do a search on google and that’s my lot, but I hear every day on the TV and read on the internet about all these amazing six year olds that can hack into the white house and do amazing things, so why is it not possible for some clever dick to backtrack on these idiots sending these emails and find who and where they are, if someone can explain please in easy to understand, non gobbledigook language I would really appreciate it.  Thanks…  Gerry

Reply

avatar

It is possible, but it's not easy

From Josh Kirschner on October 29, 2018 :: 10:55 am

I think we all wish these folks could be tracked down and suffer the appropriate punishment for their evil ways. And, given enough resources, it is possible to do that, in most cases. However, it is not easy to do.

Most of these scammers are hidden behind anonymous VPN or TOR networks, receive payment into anonymous bitcoin accounts and are based in countries that don’t play well with US or European law enforcement. So, while the FBI could trace back IP addresses (if they can get past the encryption and lack of user logging), get search warrants for user information from foreign server hosting companies (which may be ignored), spend effort trying (perhaps in vain) to match server access records with individual users (if the records exist), only to find that the person they’re after resides in a country which doesn’t cooperate with US law enforcement or for which these activities aren’t even illegal, the likelihood of success is very low and the costs are very high.

So the FBI chooses to focus its resources on the bigger criminal syndicates and highest profile scammers/spammers, rather than the thousands/tens-of-thousands of small-time scammers. That’s why it’s so important for all of us to be proactive at managing our own internet safety and learn how to spot and avoid these scams.

Reply

Could porn sites be selling data?

From Vicky Powell on October 29, 2018 :: 7:26 pm

I did wonder if some porn sites could actually be selling data too. A lot of them have mafia type undertones and I wouldn’t put it past them,. Not data on what is watched but email addresses, passwords etc. It may be a coincidence but I accessed one as was following up from a thread on a women’s forum about something I thought was really gross and was curious (honest, it certainly was t my bag!) and literally about 2 weeks later I got one of these. It might just be coincidence, but certainly haven’t had them before and I do know I was compromised with a couple if the data breaches.  Mine was one of the strange ‘came from myself’ emails too but as there was nothing in the sent box I was pretty sure it was a scam and to honest they would just have captured me staring somewhat incredulously at a screen!!

Reply

avatar

Interesting theory, but I think not

From Josh Kirschner on October 30, 2018 :: 9:36 am

Porn sites, at least the major ones, are big businesses who would have a lot to lose if it were revealed that they were selling user data. And if this were information from a specific porn site, it would make more sense to create a more detailed letter to convince you it’s real(that is, at least name the site, if not specific videos or access times). But all the letters I’ve seen provide none of that - they’re just generic notes anyone could create using data from one of dozens of various data breaches.

Reply

gravatar

Scam or real?

From Grace on October 30, 2018 :: 1:58 am

I got an email today from my school email address:


He‌llo‌

So‌ I a‌m a‌ ha‌cke‌r who‌ cra‌cke‌d yo‌u‌r e‌-ma‌i‌l a‌nd de‌vi‌ce‌ a‌ co‌u‌ple‌ o‌f we‌e‌ks ba‌ck.

Yo‌u‌ e‌nte‌re‌d yo‌u‌r pa‌sswo‌rd o‌n o‌ne‌ o‌f the‌ we‌b-si‌te‌s yo‌u‌ vi‌si‌te‌d, a‌nd I i‌nte‌rce‌pte‌d i‌t.

He‌re‌ i‌s the‌ se‌cu‌ri‌ty pa‌sswo‌rd fro‌m ******MY EMAIL******** o‌n mo‌me‌nt o‌f ha‌ck: grace ****(my name)*****

Of co‌u‌rse‌ yo‌u‌ ca‌n ca‌n cha‌nge‌ i‌t, o‌r pe‌rha‌ps a‌lre‌a‌dy cha‌nge‌d i‌t.

The‌n a‌ga‌i‌n i‌t wo‌n’t ma‌tte‌r, my ma‌li‌ci‌o‌u‌s so‌ftwa‌re‌ u‌pda‌te‌d i‌t e‌ve‌ry ti‌me‌.

Do‌ no‌t re‌a‌lly co‌nsi‌de‌r to‌ ge‌t i‌n to‌u‌ch wi‌th me‌ pe‌rso‌na‌lly o‌r e‌ve‌n fi‌nd me‌, i‌t i‌s i‌mpo‌ssi‌ble‌, si‌nce‌ I se‌nt yo‌u‌ e‌ma‌i‌l fro‌m yo‌u‌r e‌ma‌i‌l a‌cco‌u‌nt.

Vi‌a‌ yo‌u‌r e‌ ma‌i‌l, I u‌plo‌a‌de‌d ha‌rmfu‌l pro‌gra‌m co‌de‌ to‌ yo‌u‌r Ope‌ra‌ti‌o‌n Syste‌m.

I sa‌ve‌d yo‌u‌r e‌nti‌re‌ co‌nta‌cts to‌ge‌the‌r wi‌th bu‌ddi‌e‌s, fe‌llo‌w wo‌rke‌rs, re‌la‌ti‌ve‌s a‌nd a‌lso‌ the‌ fu‌ll hi‌sto‌ ;ry o‌f vi‌si‌ts to‌ the‌ Wo‌rld wi‌de‌ we‌b re‌so‌u‌rce‌s.

As we‌ll I se‌t u‌p a‌ Tro‌ja‌n o‌n yo‌u‌r syste‌m.

Yo‌u‌ a‌re‌n’t my o‌nly ta‌rge‌t, I typi‌ca‌lly lo‌ck co‌mpu‌te‌rs a‌nd a‌sk fo‌r a‌ ra‌nso‌m.

Ho‌we‌ve‌r I wa‌s hi‌t by the‌ we‌b-si‌te‌s o‌f i‌nti‌ma‌te‌ co‌nte‌nt tha‌t yo‌u‌ no‌rma‌lly sto‌p by.

I a‌m i‌n i‌mpa‌ct o‌f yo‌u‌r cu‌rre‌nt fa‌nta‌si‌e‌s! I’ve‌ ne‌ve‌r o‌bse‌rve‌d a‌nythi‌ng a‌t a‌ll li‌ke‌ thi‌s!

So‌, whe‌n yo‌u‌ ha‌d e‌njo‌yme‌nt o‌n pi‌qu‌a‌nt i‌nte‌rne‌t si‌te‌s (yo‌u‌ kno‌w wha‌t I me‌a‌n!) I ma‌de‌ scre‌e‌n sho‌t wi‌th u‌si‌ng my pro‌gra‌m thro‌u‌gh yo‌u‌r ca‌me‌ra‌ o‌f yo‌u‌rs de‌vi‌ce‌.

Fro‌m the‌n o‌n, I pu‌t to‌ge‌the‌r the‌m to‌ the‌ co‌nte‌nt o‌f the‌ pa‌rti‌cu‌la‌r cu‌rre‌ntly se‌e‌n we‌bsi‌te‌.

The‌re‌ i‌s go‌i‌ng to‌ be‌ la‌u‌ghte‌r whe‌n I se‌nd the‌se‌ sho‌ts to‌ yo‌u‌r a‌cqu‌a‌i‌nta‌nce‌s!

BUT I a‌m su‌re‌ yo‌u‌ do‌ no‌t wa‌nt thi‌s.

He‌nce‌, I e‌xpe‌ct to‌ ha‌ve‌ pa‌yme‌nt fro‌m yo‌u‌ i‌nte‌nde‌d fo‌r my qu‌i‌e‌t.

I thi‌nk $900 i‌s a‌n sa‌ti‌sfa‌cto‌ry pri‌ce‌ re‌ga‌rdi‌ng thi‌s!

Pa‌y wi‌th Bi‌tco‌i‌n.

My BTC wa‌lle‌t a‌ddre‌ss: 1HMaDdEhSQbc12B5Rb9qHUZNnWXF5xXPJL

In ca‌se‌ yo‌u‌ do‌ no‌t re‌a‌lly kno‌w ho‌w to‌ do‌ thi‌s - e‌nte‌r i‌nto‌ Go‌o‌gle‌ ‘ho‌w to‌ tra‌nsfe‌r mo‌ne‌y to‌ a‌ bi‌tco‌i‌n wa‌lle‌t’. It i‌s e‌a‌sy.

Imme‌di‌a‌te‌ly a‌fte‌r ge‌tti‌ng the‌ gi‌ve‌n a‌mo‌u‌nt, a‌ll yo‌u‌r i‌nfo‌rma‌ti‌o‌n wi‌ll be‌ stra‌i‌ght a‌wa‌y e‌li‌mi‌na‌te‌d a‌u‌to‌ma‌ti‌ca‌lly. My ma‌lwa‌re‌ wi‌ll a‌d di‌ti‌o‌na‌lly cle‌a‌r a‌wa‌y i‌tse‌lf o‌u‌t o‌f yo‌u‌r o‌pe‌ra‌ti‌ng-syste‌m.

My Tro‌ja‌n ha‌ve‌ a‌u‌to‌ a‌le‌rt, so‌ I kno‌w whe‌n thi‌s spe‌ci‌fi‌c e‌ ma‌i‌l i‌s re‌a‌d.

I gi‌ve‌ yo‌u‌ two‌ da‌ys (48 ho‌u‌rs) fo‌r yo‌u‌ to‌ ma‌ke‌ the‌ pa‌yme‌nt.

If thi‌s do‌e‌s no‌t ha‌ppe‌n - ju‌st a‌bo‌u‌t a‌ll yo‌u‌r fri‌e‌nds wi‌ll ge‌t cra‌zy pi‌ctu‌re‌s fro‌m yo‌u‌r da‌rk se‌cre‌t li‌fe‌ a‌nd yo‌u‌r syste‌m wi‌ll be‌ blo‌cke‌d a‌s we‌ll a‌fte‌r 48 ho‌u‌rs.

Do‌ no‌t e‌nd u‌p be‌i‌ng si‌lly!

Po‌li‌ce‌ fo‌rce‌ o‌r pa‌ls wo‌n’t su‌ppo‌rt yo‌u‌ fo‌r su‌re‌ ...

P.S I ca‌n pro‌vi‌de‌ yo‌u‌ wi‌th re‌co‌mme‌nda‌ti‌o‌n wi‌th re‌ga‌rd to‌ the‌ fu‌tu‌re‌. Ne‌ve‌r type‌ i‌n yo‌u‌r pa‌sswo‌rds o‌n u‌nsa‌fe‌ i‌nte‌rne‌t si‌te‌s.

I wi‌sh fo‌r yo‌u‌r di‌scre‌ti‌o‌n.

Fa‌re‌we‌ll.


even though my name is in the from box, I looked and it says adam419smith@yahoo jb. should I be worried????? by the way, I don’t go on porn sites or anything, but I have used putlocker in the past (not in the last three months)

Reply

avatar

No, don't worry

From Josh Kirschner on October 30, 2018 :: 9:41 am

That is exactly the type of email spoofing I describe in the article.

FWIW, the technical discussion in the email you got is pretty humorous, too. Sounds like someone who has no idea how malware works just pulling things out of the air. I’m surprised they’re even technically savvy enough to use bitcoin.

Reply

gravatar

Thank you so much!

From grace on October 30, 2018 :: 4:28 pm

Thank you so much!

Reply

gravatar

Same email

From Polina on October 30, 2018 :: 1:40 pm

My Email has my email from other email-box and a password from another WebSite smile. Author ist Aaron196Smith@yahoo.jp
I should pay 900 Dollar into wa‌lle‌t a‌ddre‌ss: 12pWkM6PnbZbDdRokwJEGAofZFBFqpSnKX.
“If thi‌s do‌e‌s no‌t ha‌ppe‌n - e‌ve‌ry yo‌u‌r co‌nne‌cti‌o‌ns wi‌ll ce‌rta‌i‌nly ge‌t nu‌ts pi‌ctu‌re‌s fro‌m yo‌u‌r da‌rk se‌cre‌t li‌fe‌ a‌nd yo‌u‌r de‌vi‌ce‌ wi‌ll be‌ blo‌cke‌d a‌s we‌ll a‌fte‌r 48 ho‌u‌rs.”
It comes tomorrow

Reply

avatar

Me, too!

From Josh Kirschner on October 31, 2018 :: 11:44 am

Surprised it’s taken so long, but I just received my first porn blackmail email (actually, two sent at the same time with different passwords - both old, low-security ones I used on random sites). I don’t intend to pay, so everyone may get to see photos of my “joys”!

—————————-

I greet you!

I have bad news for you.
06/28/2018 - on this day I hacked your operating system and got full access to your account josh@techlicious.com
On that day your account (josh@techlicious.com) password was: XXXXXXXXX

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say - you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $928 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
- Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

Reply

gravatar

How do I make them stop?

From Grace on October 31, 2018 :: 4:43 pm

I posted a message yesterday, and then I got another email today. Obviously not real, but so annoying!!!!!! How can I make them stop???

Reply

gravatar

The email was sent from MY email account!

From Hamid on November 04, 2018 :: 1:10 pm

I received a very similar email only that it came from my company email account/domain.
Its as if I sent the email to myself..
What’s that about? How is it possible!!

Reply

avatar

It was spoofed

From Josh Kirschner on November 05, 2018 :: 9:14 am

Did you read my note in the article about email spoofing?

Reply

gravatar

The one I received

From Chiming In on November 06, 2018 :: 1:15 am

The version I received
——————————————————
I greet you!

I have bad news for you.
06/28/2018 - on this day I hacked your operating system and got full access to your account EMAIL
On that day your account (EMAIL) password was: PASSWORD
It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say - you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $966 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
- Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

Reply

gravatar

got the same mail, I

From Stimpi on November 06, 2018 :: 3:38 pm

got the same mail, I think it a scam cause my main machine don’t even have camera lol

Reply

gravatar

Calling me?

From Duncan on November 07, 2018 :: 3:34 pm

I started to receive these sorts of emails a while ago. Ended up closing the email account and start another.  Last one they said they have my phone number and showed the last two digits only.  Then, I get these phone calls like every other day for over a week.  The first one I picked up and the other end just hung up.  Every call since then I don’t answer. What is that? Upping the game by calling?

Reply

avatar

Hmm...possible, but I doubt it

From Josh Kirschner on November 08, 2018 :: 8:25 am

The fact that they have your phone number (or at least part of your phone number) isn’t that surprising. That could have come from a breach or through some basic online information searching/matching (since they only show the last two, I suspect that it is the latter, and they don’t even have the full number).

I doubt the calls you’re receiving are related. As we all know, robocalls have become a real societal scourge, so it could easily be a coincidence that you received these calls around the same time as the emails. And for the porn scammers to make real calls would require a lot of time and effort, something I don’t think they would be willing to put in. But it’s possible one of the scammers has determined that a phone call follow up greatly enhances the likelihood of a payout.

That said, you don’t know who was on the other end since nothing was communicated. My bet is that it was a standard robocall. And even if it is a porn scammer, having your phone number means nothing - don’t fall for the scam.

Reply

Read More Comments: 1 2 3 4 5 6 7 8 9

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose