Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Is the Porn Blackmail Scam Real?

by Josh Kirschner on April 22, 2020

What would you do if you received an email from someone claiming to have hacked your computer and recorded you via your webcam while you were engaged in watching porn, then threatening to send the video to everyone in your email and social media contact lists if you don’t pay a $260 ransom? Would you pay the ransom? Even if you’ve never viewed porn, what if they made the same threat to reveal the private details of all your emails?

This is exactly the situation some of our readers found themselves in recently, and they contacted us for help on how to proceed.

Here is an example of one the emails [grammatical errors left intact]:

Good Morning my friend. I represent the group of web criminals in Iran. I use this mail address because we think that you will check it. Few times ago my team put the virus on web-site with porn and as far as you clicked on a play button your system started shooting your screen and activating camera to capture you self-abusing. Eventually I mean you understand what compromising evidence Ive earned. Moreover, this software made your device act as dedicated server with plenty of functions like keylogger, parser etc. To sum up, my software picked all data, especially all your contacts from messengers, e-mails, social networks. If you wanna make me silent you must make a transaction of 260 dollars with bitcoin. 1K2auXQEKz7Ro8cRa2xr3bAPV2n6KT5vi1 You must use it as usual credit card number. If you send bitcoins nobody will see your shame. Watch youtube manuals about methods of buing BTC... I can offer you this exchanger: localbitoins.com.  If you have a problem with this, you can search comfortable ATM for bitcoin at coin atm radar. I give you no more than twenty four hours since you read our message to pay. You can complain cops, but they can not find us I use bot network, and of course we live abroad. If you want us to show proofs we will share it to seven mates from your data after that you will be given their contacts. So you will ask them if something strange was received about you. For some questions just reply. Dont be fullish, AmAZinGcRackeR$.

Scary, right? And there have been instances where victims’ computers were hacked, they were filmed in various states of undress (or worse) and then blackmailed that may make this threat seem all too real. But there are several indications that this is nothing more than a phishing scam, hoping to rope in active porn watchers with false threats (an easy demographic to target via mass email given that the world’s largest porn site, Pornhub.com, gets 75 million visitors PER DAY).

First, there is nothing in the email that demonstrates they know anything personally about you: it’s not addressed to you by name and there’s no detail about what site you supposedly visited and when. Nor did they supply a screenshot of the “self-abusing” they allege to have captured. In fact, they are explicitly discouraging you from asking for proof, by threatening to share said “proofs” with your “mates” if you ask. That is completely contrary to how we would expect a real hacker/blackmailer to act – if I wanted to scare the bejesus out of you to get you to pay, the first thing I would do is show you a compromising screen capture to prove that this is very, very real.

Another red flag is that when our readers ran scans using antimalware tools, no malware was detected. Antimalware tools aren’t perfect, but the better ones should have picked up the type of remote administration tool (RAT) described in the email.

Searching the web, there are reports of people receiving similar email scams, going back at least to last fall. The wording of the email varies, including where the scammers claim they’re from, the nature of their threat and the amount of money being demanded. Some people are falling for them, but fortunately not many. I researched a selection of the bitcoin accounts used in these scams and none of the emails had duped more than a handful of victims.

Unfortunately, these scams will likely continue and morph into new threats as the ubiquity of bitcoin makes it easier for scammers to hide behind these accounts and for victims to pay. In fact, while this article was originally written in March of 2018, Sophos security recently released a new study, based on millions of porn blackmail emails that were sent between September 2019 and March 2020, demonstrating this to be the case. During that period, sextortion emails made up 4.23% of all spam observed by Sophos. The study also showed scammers are using new methods for obfuscating email content to evade spam filters, enabling them to collect nearly a half million dollars in payments from victims during the same period. Fortunately, despite some payouts, potential victims seem to be becoming wise to the scam, as only half a percent of the Bitcoin addresses used in the spam messages received any payment, according to Sophos.

So, if you get one of these emails, should you pay the ransom before all your friends find out what you’ve been up to?

The answer is no, don’t be “fullish”.

[EDITOR'S NOTE REGARDING PASSWORD APPEARING IN THE EMAIL SCAM 7/12/18: A number of people have posted in the comments that they received a version of the email which includes a real password they've used in the past. Does this mean that they should be concerned? The answer is No and Yes. No, you shouldn't be concerned that your computer was hacked and you were actually filmed watching porn - it's still a scam. But, yes, you should be concerned that your password has been leaked through a data breach. Security researcher Troy Hunt has uncovered more than 500 million passwords leaked through these breaches. That password in the email was likely one of them. 

If it is still an active password for you, the scam email should be a big wake up call that you need to ensure you are using unique and secure passwords for every one of your accounts. We strongly recommend a password manager like Dashlane or 1Password , which will automatically check your passwords to see if they have been revealed in a breach and help you create unique, secure ones for every site.]

[EDITOR'S NOTE WARNING ABOUT ATTACHMENTS 7/20/18: One reader reported receiving an attachment titled "Invoice" with the porn scam email. If you get an attachment, DO NOT OPEN IT. Email attachments are one of the primary ways hackers use to install malware on your computer, which could turn this fake malware scam into a very real one.]

[EDITOR'S NOTE ABOUT EMAIL SPOOFING 10/19/18: Many readers are commenting that the porn blackmail email appears to be sent from their own email address, causing added concern the hacking claims may be real. But don't be fooled. Email spoofing has been around for a long time and is relatively easy to do. Usually the message headers will reveal the true sending email address. Here's how to tell if an email has been spoofed.]

[EDITOR'S NOTE ABOUT WORK VS PERSONAL EMAILS 1/21/19: A number of people are expressing concern in the comments that the blackmail email is coming to their work email, instead of their personal email (or both). It doesn't matter — an email address is a email address as far as this scam goes. Billions of emails have been leaked over the years, many of those from business-focused services such as Dropbox, LinkedIn and Adobe. If I check to see which of my email addresses have been involved in breaches, my work email has been breached many more times than my personal email.

Originally published 3/12/18. Updated 4/22/2020 with new data from Sophos

[Image credit: Man in a dark room at a computer via BigStockPhoto]


Topics

Computer Safety & Support, News, Computers and Software, Blog


Discussion loading

gravatar

From Josh Kirschner on October 31, 2018 :: 12:44 pm


Surprised it’s taken so long, but I just received my first porn blackmail email (actually, two sent at the same time with different passwords - both old, low-security ones I used on random sites). I don’t intend to pay, so everyone may get to see photos of my “joys”!

—————————-

I greet you!

I have bad news for you.
06/28/2018 - on this day I hacked your operating system and got full access to your account josh@techlicious.com
On that day your account (josh@techlicious.com) password was: XXXXXXXXX

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say - you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $928 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
- Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

Reply

gravatar

From Grace on October 31, 2018 :: 5:43 pm


I posted a message yesterday, and then I got another email today. Obviously not real, but so annoying!!!!!! How can I make them stop???

Reply

gravatar

From Hamid on November 04, 2018 :: 2:10 pm


I received a very similar email only that it came from my company email account/domain.
Its as if I sent the email to myself..
What’s that about? How is it possible!!

Reply

gravatar

From Josh Kirschner on November 05, 2018 :: 10:14 am


Did you read my note in the article about email spoofing?

Reply

gravatar

From Chiming In on November 06, 2018 :: 2:15 am


The version I received
——————————————————
I greet you!

I have bad news for you.
06/28/2018 - on this day I hacked your operating system and got full access to your account EMAIL
On that day your account (EMAIL) password was: PASSWORD
It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say - you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $966 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
- Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

Reply

gravatar

From Stimpi on November 06, 2018 :: 4:38 pm


got the same mail, I think it a scam cause my main machine don’t even have camera lol

Reply

gravatar

From Duncan on November 07, 2018 :: 4:34 pm


I started to receive these sorts of emails a while ago. Ended up closing the email account and start another.  Last one they said they have my phone number and showed the last two digits only.  Then, I get these phone calls like every other day for over a week.  The first one I picked up and the other end just hung up.  Every call since then I don’t answer. What is that? Upping the game by calling?

Reply

gravatar

From Josh Kirschner on November 08, 2018 :: 9:25 am


The fact that they have your phone number (or at least part of your phone number) isn’t that surprising. That could have come from a breach or through some basic online information searching/matching (since they only show the last two, I suspect that it is the latter, and they don’t even have the full number).

I doubt the calls you’re receiving are related. As we all know, robocalls have become a real societal scourge, so it could easily be a coincidence that you received these calls around the same time as the emails. And for the porn scammers to make real calls would require a lot of time and effort, something I don’t think they would be willing to put in. But it’s possible one of the scammers has determined that a phone call follow up greatly enhances the likelihood of a payout.

That said, you don’t know who was on the other end since nothing was communicated. My bet is that it was a standard robocall. And even if it is a porn scammer, having your phone number means nothing - don’t fall for the scam.

Reply

gravatar

From Theresa Lynn Wilson on November 10, 2018 :: 1:31 pm


I also recieved 1 of these emails it was sent to me useing my own email addresswhat do i do

Reply

gravatar

From Jemma on November 11, 2018 :: 4:18 pm


Dear user of gmail.com!

I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence:
- I sent you this email from your account.
- Password from account g.easingwood49@gmail.com: 20132 (on moment of hack).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites).
Oh, yes .. I’m know your secret life, which you are hiding from everyone.
Oh my God, what are your like… I saw THIS ... Oh, you dirty naughty person ... smile

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!

So, to the business!
I’m sure you don’t want to show these files and visiting history to all your contacts.

Transfer $829 to my Bitcoin cryptocurrency wallet: 1Bt4psBJmjfVTcW6eYiJZ6HEbpFgKkBSX4
Just copy and paste the wallet number when transferring.
If you do not know how to do this - ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am “working” with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Reply

gravatar

From K on November 16, 2018 :: 8:25 am


I’ve received the e-mail word for word just yesterday, and have reported the BTC account.

Reply

gravatar

From Viktoria on November 11, 2018 :: 4:36 pm


I received already about 50 e-mails of that type during last two months… So I really feel myself as mostly pervert person in the world )) Today I received the last warning, my life would be ruined soon…


Good day, my victim.
I know your password - *******
That is my last warning.
I write you inasmuch as I put a trojan on the internet site with pornography that you have visited.
My spyware got all your personal data and switched on your webcam which captured the process of your masturbation.
Soon after that trojan saved your contact list.
I’ll remove the compromising video and all the information if you pay me 600 USD in bitcoin.
This is wallet address for payment : 1KDqvBnwVr6bnvdeNBBT8vfhanAq6dyb1f
(you can google on “how to buy bitcoin”)
I give you 30 hours once you view my message to make the payment.
As soon as you see the email I’ll know it right away.
It is not necessary to inform me that you’ve sent money to me. That address is related to you, my system will eliminate everything instantly after transfer confirmation.
You can visit the police but no body can not help you.
In the event that you attempt to cheat me, I’ll see it immediately!
I don’t live in your country. So no body can not track my place even for 9 months.
Do not forget about the disgrace. Your life may be ruined.

Reply

gravatar

From Stimpi on November 11, 2018 :: 7:24 pm


So far 5 days passed and still didn’t got any pc locked since the mail,

I be cautious here but I think it was just scam message

Reply

gravatar

From S.k on November 13, 2018 :: 2:02 pm


Does anyone have any follow up? Especially from those who did not pay. Please let me know.

Reply

gravatar

From TBE on March 19, 2019 :: 1:17 pm


Well, for me nothing has happened :D ... already 2months has passed.

In conclusion these emails are just spam scams.

Reply

gravatar

From Kartika Nair on November 14, 2018 :: 2:10 am


I got this in my official email today, not sure if its a scam or legit, this is how it goes:

“hello, victim.
I write you inasmuch as I buried a trojan on the web page with porno which you have visited.
My virus grabbed all your private info and switched on your webcam which captured the process of your masturbation. Just after that the malware saved your contact list.
I will erase the compromising video and information if you send me 999 USD in bitcoin.
This is wallet address for payment : 17ATjzBRSYot8be81GukKCVEgo5r4btDuD
I give you 30 hours after you open my message for making the payment.
As soon as you open the message I’ll see it immediately.
It is not necessary to tell me that you have paid to me. This address is connected to you, my system will delete everything automatically after transfer confirmation.
If you need 48 hours just Open the calculator on your desktop and press +++
If you don’t pay, I’ll send dirt to all your contacts.   
Let me remind you-I see what you’re doing!
You can visit the police station but nothing can’t help you.
If you try to cheat me , I’ll know it immediately!
I don’t live in your country. So anybody can not find my location even for 9 months.
bye. Don’t forget about the disgrace and to ignore, Your life can be ruined.”

Do you think its a scam? How would they even get my private email?

Reply

gravatar

From TBE on March 19, 2019 :: 1:37 pm


There are two ways why this happened to your private email.

First is that it was breached somewhere.

Second is that they have tried various combination of email names, they have verified if these emails exist and sent them a message ( Link to a video that shows how to verify an email and if that email exists using PHP: https://youtu.be/Ry_-VRhf9Ew ).

Reply

gravatar

From TBE on March 19, 2019 :: 1:45 pm


Well I think it is a 2nd way they have used to get your email address…

When you look on your email, you can see they didn’t include your password so it means to get your email address they have used the 2nd way I have mentioned.

Other emails that are mentioned here in this blog comment section have password included so it means these email addresses were in some breach.

Reply

gravatar

From ThinkandStopSpreadingYourPersonalDetails on November 14, 2018 :: 3:32 am


Amusing wink

I use aliases for most non-official activities (gaming, etc.) online to avoid exactly this. They hack someone’s email find your email

Here’s my sample.

“Hi‌ the‌re‌, I a‌ctu‌a‌lly kno‌w the‌ fi‌lthy se‌cre‌ts o‌f yo‌u‌r li‌fe‌. I wi‌ll no‌t re‌ve‌a‌l yo‌u‌ ju‌st wha‌t e‌xa‌ctly I kno‌w, I’ve‌ e‌ve‌ry de‌ta‌i‌l a‌lo‌ng wi‌th me‌. To‌ sho‌w my po‌i‌nt, ju‌st le‌t myse‌lf i‌nfo‌rm yo‌u‌ tha‌t o‌ne‌ o‌f yo‌u‌r se‌cu‌ri‌ty pa‌sswo‌rds i‌s de‌fi‌ni‌te‌ly gre. Pa‌y me‌ $6000 vi‌a‌ Bi‌tco‌i‌n to‌ the‌ a‌ddre‌ss 1Bod3marthfpPfTmwzAtrzbwxbAepenNWh wi‌thi‌n the‌ ne‌xt 42 ho‌u‌rs. I wi‌ll ma‌ke‌ o‌ne‌ thi‌ng stra‌i‌ghtfo‌rwa‌rd, tha‌t I wi‌ll me‌ss u‌p yo‌u‌r li‌fe‌ e‌nti‌re‌ly i‌f I do‌ no‌t ge‌t the‌ pa‌yme‌nt. Ho‌we‌ve‌r, i‌f I do‌ ge‌t the‌ pa‌yme‌nt, I’m go‌i‌ng to‌ de‌le‌te‌ e‌ve‌ry si‌ngle‌ i‌nfo‌rma‌ti‌o‌n I ha‌ve‌ wi‌th me‌, a‌nd I wi‌ll go‌ a‌wa‌y fo‌r go‌o‌d a‌nd yo‌u‌ wi‌ll do‌n’t e‌ve‌r he‌a‌r a‌ thi‌ng fro‌m me‌. Thi‌s i‌s a‌ctu‌a‌lly the‌ fi‌rst a‌nd a‌lso‌ la‌st ma‌i‌l fro‌m me‌ a‌nd the‌ o‌ffe‌r i‌s no‌n ne‌go‌ti‌a‌ble‌s, so‌ do‌ no‌t re‌ply to‌ thi‌s e‌ma‌i‌l.”

Reply

gravatar

From JACK on November 14, 2018 :: 10:18 am


hi i received this email today on my phone…

it concerns me as the passphrase is correct, the i only have a phone?

pcfd2005 o‌ne o‌f yo‌ur passphra‌ses. Lets g‌et ri‌ght to th‌e poi‌nt. No‌ on‌e ha‌s pai‌d m‌e to‌ inv‌esti‌ga‌te a‌bo‌ut yo‌u. Yo‌u do‌n’t kno‌w m‌e and yo‌u a‌r‌e mo‌st li‌k‌ely wo‌nd‌ering why you’r‌e g‌etti‌ng thi‌s ‌e-ma‌i‌l?

a‌ctua‌lly, i‌ actua‌lly i‌nsta‌ll‌ed a‌ ma‌lwa‌r‌e o‌n th‌e 18+ vids (po‌rno‌graphy) web si‌t‌e a‌nd gu‌ess wha‌t, you vi‌sited thi‌s w‌ebsi‌te to‌ ha‌v‌e fun (yo‌u kno‌w wha‌t i‌ m‌ea‌n). When yo‌u w‌er‌e watchi‌ng vi‌d‌eo‌ cli‌ps, yo‌ur brows‌er start‌ed o‌ut o‌p‌era‌ti‌ng a‌s a‌ RDP havi‌ng a key lo‌gg‌er whi‌ch ga‌ve m‌e a‌cc‌essi‌bi‌li‌ty to‌ your scr‌e‌en a‌s w‌ell a‌s w‌eb cam‌era‌. a‌ft‌er that, my so‌ftwa‌re gath‌ered ‌ev‌ery on‌e o‌f yo‌ur conta‌cts from yo‌ur Mess‌eng‌er, FB, a‌nd ‌e-ma‌i‌l . a‌nd th‌en i cr‌eat‌ed a do‌uble vi‌deo‌. Fi‌rst part sho‌ws the vi‌d‌eo‌ you w‌ere wa‌tchi‌ng (yo‌u’v‌e go‌t a‌ nice ta‌ste ha‌ha), a‌nd 2nd pa‌rt shows th‌e reco‌rdi‌ng o‌f yo‌ur w‌eb ca‌m‌era‌, & i‌t i‌s you.

You ha‌ve a‌ pa‌i‌r o‌f cho‌i‌c‌es. We wi‌ll ta‌k‌e a‌ lo‌ok a‌t th‌es‌e po‌ssi‌bi‌li‌ties i‌n d‌etai‌ls:

Fi‌rst o‌pti‌on i‌s to‌ ski‌p this m‌essag‌e. Th‌en, i‌ a‌m go‌i‌ng to‌ s‌end out yo‌ur vid‌eo‌tap‌e to‌ ‌each o‌f yo‌ur your co‌nta‌cts a‌nd a‌lso‌ just co‌nsider a‌bo‌ut th‌e di‌sgrac‌e yo‌u wi‌ll d‌efi‌ni‌t‌ely g‌et. o‌r should yo‌u be i‌n a‌ lo‌vi‌ng r‌ela‌ti‌o‌nshi‌p,pr‌ecis‌ely how it wi‌ll a‌ffect?

2nd opti‌o‌n will be to‌ pa‌y me 3000 USD. W‌e a‌re goi‌ng to‌ call i‌t a‌ do‌na‌ti‌o‌n. Co‌nsequ‌ently, i wi‌ll i‌nstantan‌eously di‌sca‌rd your vi‌d‌eo‌ foo‌ta‌g‌e. Yo‌u ca‌n co‌nti‌nu‌e o‌n yo‌ur da‌ily li‌fe li‌k‌e this n‌ever to‌o‌k pla‌ce a‌nd yo‌u wi‌ll not ‌ev‌er hea‌r back a‌gain from m‌e.

Yo‌u’ll ma‌k‌e th‌e pa‌ym‌ent by Bi‌tco‌i‌n (i‌f you do‌ no‌t kno‌w thi‌s, s‌ea‌rch fo‌r ‘ho‌w to‌ buy bi‌t‌co‌in’ in Go‌o‌gl‌e).

B‌T‌C‌ addr‌ess: 1BtUs2L2zgsu4GGuM9g2M5cYPK6y7E71Y1
[ca‌s‌e-s‌ensi‌tiv‌e, co‌py & pa‌ste i‌t]

in ca‌s‌e you a‌r‌e pla‌nni‌ng o‌n go‌i‌ng to‌ the co‌p, w‌ell, thi‌s ‌emai‌l m‌essa‌g‌e ca‌nno‌t b‌e tra‌ced ba‌ck to‌ m‌e. I hav‌e d‌ea‌lt wi‌th my mo‌ves. i‌ am no‌t lo‌oking to d‌ema‌nd a‌ lo‌t, i‌ wi‌sh to‌ b‌e pa‌i‌d fo‌r. i‌ ha‌ve a‌ uni‌que pi‌xel i‌n thi‌s ‌e-ma‌i‌l, a‌nd a‌t thi‌s mo‌m‌ent i‌ kno‌w tha‌t you ha‌v‌e r‌ea‌d thi‌s ma‌il. You ha‌v‌e o‌n‌e day i‌n o‌rd‌er to pa‌y. i‌f i‌ do‌n’t r‌ecei‌v‌e th‌e B‌itC‌o‌i‌ns, i‌ d‌efi‌nit‌ely will s‌end o‌ut yo‌ur vi‌d‌eo‌ to‌ a‌ll of yo‌ur co‌ntacts i‌ncludi‌ngrelati‌ves, co‌wo‌rk‌ers, a‌nd ma‌ny o‌th‌ers. Nev‌erth‌eless, i‌f i‌ r‌ec‌ei‌ve the pa‌ym‌ent, i‌ wi‌ll ‌era‌s‌e th‌e vi‌d‌eo‌ right awa‌y. i‌f yo‌u wa‌nt to ha‌v‌e pro‌o‌f, r‌eply Y‌eah a‌nd i‌ d‌efi‌ni‌t‌ely wi‌ll send out yo‌ur vid‌eo‌ reco‌rdi‌ng to‌ your 6 fri‌ends. i‌t’s a‌ no‌n:nego‌ti‌able off‌er, thus do‌n’t wa‌st‌e my ti‌m‌e & yo‌urs by r‌espondi‌ng to‌ thi‌s m‌essa‌g‌e

not sure what to do about this ?

Reply

gravatar

From BB on March 19, 2019 :: 10:34 am


Report it to the FBI. You can do so on their website. Also, just ignore these jerks. Don’t pay them!

Reply

gravatar

From samee on September 13, 2019 :: 7:19 pm


it is the saaaame,its been about 7months now,mine was in an old email(hotmail)which why i didn’t really get it…lets just ignore them,what scares me do they really don’t care? and didn’t took our pics..? and we can just continue our life? what if they saw our pics somewhere and remembered? i think i can’t really ignore them “:(

Reply

gravatar

From sameee on September 13, 2019 :: 7:21 pm


what if our pics on the dark web…?

Reply

gravatar

From JACK on November 14, 2018 :: 11:04 am


i had the same email message!!!

has my phone been compromised ?
if i do a reset on my phone will that delete any malware on my phone?

Reply

gravatar

From Josh Kirschner on November 14, 2018 :: 11:49 am


I think I covered the question pretty clearly in the article above about what it means if a password is used in the email. Your phone hasn’t been hacked, there is no malware, but you have a password that has been revealed in a data breach. You need to stop using it and ensure you have robust, unique passwords for every site.

Reply

gravatar

From Plz tell me I'll b ok on November 16, 2018 :: 10:37 pm


Plz respond to my post on nov 16 at noon were I said that they messaged me using y own email should I b worried or is it some sort of trick I’m sorry to bother u

Reply

gravatar

From I'm paranoid af on November 16, 2018 :: 1:28 pm


Hey I got an email similar to the rest but it seemed that the person emailed me using my email but got the password wrong should I be worried? Here it is with my info edited out.

On Wednesday, November 7, 2018, <***************@gmail.com> wrote:
Hello!

I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from ***************@gmail.com on moment of crack: ihello

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $785 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1QHEbZG8NQT6vYCC8pyHvteNcmJ78B3ak3

If you have difficulty with this - Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

Reply

gravatar

From Josh Kirschner on November 19, 2018 :: 12:34 pm


I covered this directly in the article. Look for the 10/19 editor’s note about email spoofing.

Reply

gravatar

From Maya on November 16, 2018 :: 3:06 pm


I got similar email, showing an older password and saying that the email was sent from the exact same one that was hacked. It’s as claimed that it was hacked during he summer and that they knew all of my secrets, take photos of me ,and that they installed malware onto my machine. Also said they know what ‘adult sites i’m on’ jokes on them, i’m a highschool student and underage, also don’t have a webcam soooo…it’s still a little concerning though so I did change my password

Reply

gravatar

From Maya on November 16, 2018 :: 3:09 pm


It turns out someone above me has the exact same email but mine got cut off mid way :/.

Reply

gravatar

From America on November 19, 2018 :: 4:16 pm


Hi,
I received an email today at my works mail saying that they will distribute material of me doing private things,
The subject was UVN ticket #(my email address) you can easily get off.
It said that they were sending the message to that address because they knew it was my work email and I for sure would see it.
They were asking for 350 and they said that I had 21 hours to send the money and that I shouldn’t bother on contacting the police and they had access to my contacts.

The random thing is that I received a message like this over my another personal account and I immediately deleted that account like almost a month ago.
I deleted the Message I received today and scanned my computer with Sophos but should I be worried they will do something back?

Reply

gravatar

From Justin on November 21, 2018 :: 2:32 pm


Just received a email detailing that my email was hacked and that he has my entire internet history and I have 48 hours to send him $835 to his bitcoin account or he will send my history along with videos he has taken of me watching porn to everyone on my contact list.
Bit worried because he wrote what my password was for my hotmail account the email came from my hotmail account as well. Now there is no dodgy that I have looked but it would embarrassing if my friends and family received lists about me.
I am not paying it, I can’t I am skint and unemployed .
I only use my iPad . Should I delete my email and Facebook he said I should not bother changing my passwords because he is already in the system .
Should I contact the police ?

Reply

gravatar

From Josh Kirschner on November 21, 2018 :: 3:36 pm


I cover this pretty clearly in the article above, specifically in the Editor’s Notes about how they get your password and email spoofing.

Reply

gravatar

From P Brown on September 01, 2019 :: 8:58 am


Hi ive had 2 letters off a hack asking for cash to stop him showing videos of me watching porn…..i have banned his email and i got this address

arthurrby@trinkum.evesdropping.xyz

Hes given me till 06.09.18 to pay up , but hes saying he knows what i did on saturday…..30.08.19….which i know i did nothing…....this is his 2nd message to me. No name no picture of me as a taster…...

Reply

gravatar

From Bill Wohler on November 23, 2018 :: 2:46 am


Since I use unique passwords on each site (thanks, PasswordSafe), I was able to identify the compromised site. I notified the site to let them know of the breach of their usernames and passwords and changed my password.

In this particular case, the worse the hacker could do with that information is make a donation to this research organization in my name.

Reply

gravatar

From Josh Kirschner on November 26, 2018 :: 11:08 am


Hi Bill,

Are you willing to share which site you think was the one that was hacked? How long ago did you set up the account there?

Best,
Josh

Reply

gravatar

From Bill Wohler on November 30, 2018 :: 2:13 am


Hi Josh, it was http://reefcheck.org/. I’ve had the account there for years. So far, it’s the only site that I was able to identify uniquely. Don’t let that stop you from donating to them! Good cause, and I’ve performed surveys for them in Monterey.

Thanks for the poke. It reminds me that I should let my dive buddies know to change their passwords.

Apparently there are a lot of script kiddies out there as I’m now getting several of these per day. The given password was one that I used at all of my low security sites many, many years ago so I can’t say which site they came from.

Reply

gravatar

From Josh Kirschner on December 01, 2018 :: 12:00 pm


Hopefully, they’ll do the right thing and notify their members of the potential breach, if they can determine what happened.

Like you, I’ve received these emails with old, low-security passwords. With so many sites being hacked, large and small, it’s a constant reminder why having unique passwords is so important. Now if we can only get the other 98% of people to use password managers…

gravatar

From Dan on November 24, 2018 :: 12:24 pm


They wrote my this:Hello!

I have very bad news for you.
03/08/2018 - on this day I hacked your OS and got full access to your account
On this day your account has password: jobber

So, you can change the password, yes.. But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea….
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $814 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 1GR7rJfntdcbfhKT1s33RDby4z5ex1ou4Z

You do not know how to use bitcoins?
Enter a query in any search engine: “how to replenish btc wallet”.
It’s extremely easy

For this payment I give you a little over two days (exactly 55 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (you yourself will see that this is impossible, I sent this email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.Is this a scam or it is real?I dont have a camera and my pasword its still mine.

Reply

gravatar

From Blabla on November 25, 2018 :: 8:15 am


I also get this

Reply

gravatar

From blabla on November 28, 2018 :: 6:45 am


They said that my device will be locked after 2 days etc. and after 4 days nothing happens lol. This is the scam. (For other peoples i think this helps so dont be scary) p.s anyway i have changed my email password

Reply

gravatar

From Gaby on November 27, 2018 :: 3:13 am


Hey guys. Got a. Email 6days ago but I just realised it was there. It scared the shit out of me but it is a relief to know it’s been happening for a while. I literally spent the whole noon thinking about which websites I used to visit on 2013as the password the hacker told me he had is a password (actually is just a part of it) I had at that time. Anyway, I’m pasting it here so if anyone receives a similar one and Googles it they will be able to find it and feel better. It’s been like 6 hrs since I opened that email so I’ve got 42 more for the deadline.

Hello there!

i’m a hacker who broke your e mail and device a several weeks ago. you entered your password on one of the internet sites you visited, and i intercepted it. here is the security password from (my email) on time of compromise: (part of my password) obviously you can will change it, or perhaps already changed it. still this would not change anything, my own malware modifie ;d it every time. do not necessarily attempt to get in touch with me personally or even find me, it is impossible, since i sent this email from your email account only. through your own e mail, i uploaded malicious code to your operation system…it continues but the rest is just saying I should pay $900 to a bitcoin wallet etc, etc. Then they offer to give some advice on cyber security and finishes the message saying hasta la vista, which means see ya in Spanish, my mother tongue, which made me shit my pants.

Hope they all get caught someday.

Reply

gravatar

From Nagaden on November 30, 2018 :: 12:43 pm


Got the same email. If you check this scammer’s bitcoin account, many people are falling for this scam and they are making a mint!

https://www.blockchain.com/btc/address/1FgfdebSqbXRciP2DXKJyqPSffX3Sx57RF

@Josh, noticed a typo: “...Troy Hunt has uncovered more *then* 500 million passwords leaked through these breaches.” If you pay me $1,000,000 in BTC, I won’t tell anyone!

Reply

gravatar

From Josh Kirschner on December 01, 2018 :: 11:36 am


Thank you, and fixed. $1,000,000 BTC on its way!

Reply

gravatar

From Mine on December 05, 2018 :: 11:22 am


Since it was the first time a recieved this (this morning) i was a bit worried

her’s the email :

I am well aware adibou93 one of your passphrases. Lets get straight to the point. Not one person has compensated me to check you. You may not know me and you’re most likely wondering why you are getting this e mail?

Let me tell you, i installed a software on the X streaming (pornography) web site and guess what, you visited this website to have fun (you know what i mean). While you were watching videos, your web browser began functioning as a Remote control Desktop with a key logger which provided me access to your display screen and also web cam. after that, my software program gathered all of your contacts from your Messenger, social networks, and email . Next i created a double-screen video. First part displays the video you were viewing (you’ve got a nice taste lol), and next part shows the recording of your cam, & it is you.

You actually have 2 alternatives. Why dont we read these types of possibilities in particulars:

Very first solution is to disregard this message. in this situation, i am going to send out your very own tape to every bit of your contacts and think about about the shame that you receive. and as a consequence in case you are in an intimate relationship, just how it can affect?

Latter alternative will be to compensate me $1617. We are going to call it a donation. Subsequently, i most certainly will promptly erase your video footage. You can keep going everyday life like this never took place and you never will hear back again from me.

You will make the payment via Bitcoin (if you don’t know this, search for ‘how to buy bitcoin’ in Google).

BTC address: 1Q9Sp46qX4VQZUyU3kh7sA4K5hqAErpMvB
[case-sensitive so copy & paste it]

Should you are thinking about going to the law, surely, this mail cannot be traced back to me. I have taken care of my moves. i am just not trying to demand a huge amount, i simply want to be paid. You now have 48 hours to pay. i have a unique pixel in this email message, and at this moment i know that you have read this email message. if i don’t receive the BitCoins, i will definitely send your video recording to all of your contacts including friends and family, coworkers, and so forth. Nevertheless, if i receive the payment, i will destroy the recording immediately. if you want evidence, reply Yea & i definitely will send out your video to your 9 friends. This is a non-negotiable offer and so please do not waste my time & yours by replying to this email message.
—————————————
First : I’ve never used this password !
Second : they don’t mention nothing personal on the email, it’s even not my primary personal email (it’s one of the N I use for different accounts)
Third : I don’t know how to report btc account, so if someone know’s please do it smile

Reply

gravatar

From Dave on December 05, 2018 :: 12:06 pm


The password in the email I received was a very old password so I Googled the password and found this site:

https://pastebin.com/bLBkAJPM


^^ its a bunch of password hashes and passwords.

Reply

gravatar

From Josh Kirschner on December 05, 2018 :: 12:43 pm


That’s a great reminder of how widely exposed these passwords are. And the list you sent is only 8k passwords - there are 500+ million stolen passwords out there. Plus, that list is only the passwords. The “real” lists available on the dark web have the associated email addresses and other personal information.

Reply

gravatar

From Nagaden on December 05, 2018 :: 2:49 pm


I’ve used LastPass for years and recently ran its “Security challenge” which found I had 599 accounts of which about eight had compromised passwords. It’s worth getting signed up for a service that scans for these issues!

Reply

gravatar

From isa on December 05, 2018 :: 6:21 pm


I just opened this email with the subject line:
xxx@xxxxxxxxx.com has been hacked! Change your password immediately!

Should I be worried? Any suggestions on what to do?

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, November 23, 2018 6:42 AM, <xxx@xxxxxxxxx.com> wrote:

> Hello!
>
> I have very bad news for you.
> 03/08/2018 - on this day I hacked your OS and got full access to your account [My email address]
> On this day your account [My email address] has password: [an old, correct password]
>
> So, you can change the password, yes.. But my malware intercepts it every time.
>
> How I made it:
> In the software of the router, through which you went online, was a vulnerability.
> I just hacked this router and placed my malicious code on it.
> When you went online, my trojan was installed on the OS of your device.
>
> After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
>
> A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
> But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
> I’m talk you about sites for adults.
>
> I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!
>
> And I got an idea….
> I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
> After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
> Turned out amazing! You are so spectacular!
>
> I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
> I think $801 is a very, very small amount for my silence.
> Besides, I have been spying on you for so long, having spent a lot of time!
>
> Pay ONLY in Bitcoins!
> My BTC wallet: 1GR7rJfntdcbfhKT1s33RDby4z5ex1ou4Z
>
> You do not know how to use bitcoins?
> Enter a query in any search engine: “how to replenish btc wallet”.
> It’s extremely easy
>
> For this payment I give you a little over two days (exactly 55 hours).
> As soon as this letter is opened, the timer will work.
>
> After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
> If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.
>
> I hope you understand your situation.
>
> -  Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
> -  Do not try to contact me (you yourself will see that this is impossible, I sent this email from your account)
> -  Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
>   
>    P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
>    This is the word of honor hacker
>   
>    I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
>   
>    Do not hold evil! I just do my job.
>    Good luck.
>

Reply

gravatar

From Nagaden on December 05, 2018 :: 9:57 pm


I got the same email. They got your email and password from a list of hacked emails and are using that to make it sound more legit. It’s highly unlikely that they got into your router and phones and computers as this would require way more than just your email address.

Others on this thread said they actually were sent attachments of personal files. But this could easily be the hacker trying your email and password to log into iCloud or dropbox or gmail or Facebook or wherever else you may have signed up for and grabbed personal files to scare you into thinking they did all they claimed to do.

So, you should only be concerned only about where you used the email/password combo to access and change those ASAP. And, don’t bother paying them! This is not a sophisticated “super hacker” but rather someone just taking advantage of our fears.

Reply

Read More Comments: 1 2 3 4 5 6 7 8 9 10 11 12 13 14

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.