Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | Quell Pain Relief Review | Browse the Web Anonymously | Complete Guide to Facebook Privacy

Top News Stories

author photo

Is the Porn Blackmail Scam Real?

by on March 12, 2018
in Computer Safety & Support, News, Computers and Software, Blog :: 446 comments

What would you do if you received an email from someone claiming to have hacked your computer and recorded you via your webcam while you were engaged in watching porn, then threatening to send the video to everyone in your email and social media contact lists if you don’t pay a $260 ransom? Would you pay the ransom? Even if you’ve never viewed porn, what if they made the same threat to reveal the private details of all your emails?

This is exactly the situation some of our readers found themselves in recently, and they contacted us for help on how to proceed.

Here is an example of one the emails [grammatical errors left intact]:

Good Morning my friend. I represent the group of web criminals in Iran. I use this mail address because we think that you will check it. Few times ago my team put the virus on web-site with porn and as far as you clicked on a play button your system started shooting your screen and activating camera to capture you self-abusing. Eventually I mean you understand what compromising evidence Ive earned. Moreover, this software made your device act as dedicated server with plenty of functions like keylogger, parser etc. To sum up, my software picked all data, especially all your contacts from messengers, e-mails, social networks. If you wanna make me silent you must make a transaction of 260 dollars with bitcoin. 1K2auXQEKz7Ro8cRa2xr3bAPV2n6KT5vi1 You must use it as usual credit card number. If you send bitcoins nobody will see your shame. Watch youtube manuals about methods of buing BTC... I can offer you this exchanger: localbitoins.com.  If you have a problem with this, you can search comfortable ATM for bitcoin at coin atm radar. I give you no more than twenty four hours since you read our message to pay. You can complain cops, but they can not find us I use bot network, and of course we live abroad. If you want us to show proofs we will share it to seven mates from your data after that you will be given their contacts. So you will ask them if something strange was received about you. For some questions just reply. Dont be fullish, AmAZinGcRackeR$.

Scary, right? And there have been instances where victims’ computers were hacked, they were filmed in various states of undress (or worse) and then blackmailed that may make this threat seem all too real. But there are several indications that this is nothing more than a phishing scam, hoping to rope in active porn watchers with false threats (an easy demographic to target via mass email given that the world’s largest porn site, Pornhub.com, gets 75 million visitors PER DAY).

First, there is nothing in the email that demonstrates they know anything personally about you: it’s not addressed to you by name and there’s no detail about what site you supposedly visited and when. Nor did they supply a screenshot of the “self-abusing” they allege to have captured. In fact, they are explicitly discouraging you from asking for proof, by threatening to share said “proofs” with your “mates” if you ask. That is completely contrary to how we would expect a real hacker/blackmailer to act – if I wanted to scare the bejesus out of you to get you to pay, the first thing I would do is show you a compromising screen capture to prove that this is very, very real.

Another red flag is that when our readers ran scans using antimalware tools, no malware was detected. Antimalware tools aren’t perfect, but the better ones should have picked up the type of remote administration tool (RAT) described in the email.

Searching the web, there are reports of people receiving similar email scams, going back at least to last fall. The wording of the email varies, including where the scammers claim they’re from, the nature of their threat and the amount of money being demanded. Some people are falling for them, but fortunately not many. I researched a selection of the bitcoin accounts used in these scams and none of the emails had duped more than a handful of victims.

Unfortunately, these scams will likely continue and morph into new threats as the ubiquity of bitcoin makes it easier for scammers to hide behind these accounts and for victims to pay.

So, if you get one of these emails, should you pay the ransom before all your friends find out what you’ve been up to?

The answer is no, don’t be “fullish”.

[EDITOR'S NOTE 7/12/18: A number of people have posted in the comments that they received a version of the email which includes a real password they've used in the past. Does this mean that they should be concerned? The answer is No and Yes. No, you shouldn't be concerned that your computer was hacked and you were actually filmed watching porn - it's still a scam. But, yes, you should be concerned that your password has been leaked through a data breach. Security researcher Troy Hunt has uncovered more than 500 million passwords leaked through these breaches. That password in the email was likely one of them. 

If it is still an active password for you, the scam email should be a big wake up call that you need to ensure you are using unique and secure passwords for every one of your accounts. We strongly recommend a password manager like Dashlane or 1Password , which will automatically check your passwords to see if they have been revealed in a breach and help you create unique, secure ones for every site.]

[EDITOR'S NOTE 7/20/18: One reader reported receiving an attachment titled "Invoice" with the porn scam email. If you get an attachment, DO NOT OPEN IT. Email attachments are one of the primary ways hackers use to install malware on your computer, which could turn this fake malware scam into a very real one.]

[EDITOR'S NOTE ABOUT EMAIL SPOOFING 10/19/18: Many readers are commenting that the porn blackmail email appears to be sent from their own email address, causing added concern the hacking claims may be real. But don't be fooled. Email spoofing has been around for long time and is relatively easy to do. Usually the message headers will reveal the true sending email address. Here's how to tell if an email has been spoofed.]

[Image credit: Man in a dark room at a computer via BigStockPhoto]



Discussion loading

hacked or not

From Theresa Lynn Wilson on November 10, 2018 :: 12:31 pm

I also recieved 1 of these emails it was sent to me useing my own email addresswhat do i do

Reply

gravatar

more spam

From Jemma on November 11, 2018 :: 3:18 pm

Dear user of gmail.com!

I am a spyware software developer.
Your account has been hacked by me in the summer of 2018.

I understand that it is hard to believe, but here is my evidence:
- I sent you this email from your account.
- Password from account g.easingwood49@gmail.com: 20132 (on moment of hack).

The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

I went around the security system in the router, installed an exploit there.
When you went online, my exploit downloaded my malicious code (rootkit) to your device.
This is driver software, I constantly updated it, so your antivirus is silent all time.

Since then I have been following you (I can connect to your device via the VNC protocol).
That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
I also have access to the camera on your device, and I periodically take photos and videos with you.

At the moment, I have harvested a solid dirt… on you…
I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

I know what you like hard funs (adult sites).
Oh, yes .. I’m know your secret life, which you are hiding from everyone.
Oh my God, what are your like… I saw THIS ... Oh, you dirty naughty person ... smile

I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
Believe it turned out very high quality!

So, to the business!
I’m sure you don’t want to show these files and visiting history to all your contacts.

Transfer $829 to my Bitcoin cryptocurrency wallet: 1Bt4psBJmjfVTcW6eYiJZ6HEbpFgKkBSX4
Just copy and paste the wallet number when transferring.
If you do not know how to do this - ask Google.

My system automatically recognizes the translation.
As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
Do not worry, I really will delete everything, since I am “working” with many people who have fallen into your position.
You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

Since opening this letter you have 48 hours.
If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
and from my server will automatically send email and sms to all your contacts with compromising material.

I advise you to remain prudent and not engage in nonsense (all files on my server).

Reply

gravatar

Sexploitation with Old Password

From K on November 16, 2018 :: 7:25 am

I’ve received the e-mail word for word just yesterday, and have reported the BTC account.

Reply

gravatar

Really tired from that...

From Viktoria on November 11, 2018 :: 3:36 pm

I received already about 50 e-mails of that type during last two months… So I really feel myself as mostly pervert person in the world )) Today I received the last warning, my life would be ruined soon…


Good day, my victim.
I know your password - *******
That is my last warning.
I write you inasmuch as I put a trojan on the internet site with pornography that you have visited.
My spyware got all your personal data and switched on your webcam which captured the process of your masturbation.
Soon after that trojan saved your contact list.
I’ll remove the compromising video and all the information if you pay me 600 USD in bitcoin.
This is wallet address for payment : 1KDqvBnwVr6bnvdeNBBT8vfhanAq6dyb1f
(you can google on “how to buy bitcoin”)
I give you 30 hours once you view my message to make the payment.
As soon as you see the email I’ll know it right away.
It is not necessary to inform me that you’ve sent money to me. That address is related to you, my system will eliminate everything instantly after transfer confirmation.
You can visit the police but no body can not help you.
In the event that you attempt to cheat me, I’ll see it immediately!
I don’t live in your country. So no body can not track my place even for 9 months.
Do not forget about the disgrace. Your life may be ruined.

Reply

gravatar

So far 5 days passed

From Stimpi on November 11, 2018 :: 6:24 pm

So far 5 days passed and still didn’t got any pc locked since the mail,

I be cautious here but I think it was just scam message

Reply

gravatar

Does anyone have any follow

From S.k on November 13, 2018 :: 1:02 pm

Does anyone have any follow up? Especially from those who did not pay. Please let me know.

Reply

gravatar

First time email

From Kartika Nair on November 14, 2018 :: 1:10 am

I got this in my official email today, not sure if its a scam or legit, this is how it goes:

“hello, victim.
I write you inasmuch as I buried a trojan on the web page with porno which you have visited.
My virus grabbed all your private info and switched on your webcam which captured the process of your masturbation. Just after that the malware saved your contact list.
I will erase the compromising video and information if you send me 999 USD in bitcoin.
This is wallet address for payment : 17ATjzBRSYot8be81GukKCVEgo5r4btDuD
I give you 30 hours after you open my message for making the payment.
As soon as you open the message I’ll see it immediately.
It is not necessary to tell me that you have paid to me. This address is connected to you, my system will delete everything automatically after transfer confirmation.
If you need 48 hours just Open the calculator on your desktop and press +++
If you don’t pay, I’ll send dirt to all your contacts.   
Let me remind you-I see what you’re doing!
You can visit the police station but nothing can’t help you.
If you try to cheat me , I’ll know it immediately!
I don’t live in your country. So anybody can not find my location even for 9 months.
bye. Don’t forget about the disgrace and to ignore, Your life can be ruined.”

Do you think its a scam? How would they even get my private email?

Reply

gravatar

on today's menu

From ThinkandStopSpreadingYourPersonalDetails on November 14, 2018 :: 2:32 am

Amusing wink

I use aliases for most non-official activities (gaming, etc.) online to avoid exactly this. They hack someone’s email find your email

Here’s my sample.

“Hi‌ the‌re‌, I a‌ctu‌a‌lly kno‌w the‌ fi‌lthy se‌cre‌ts o‌f yo‌u‌r li‌fe‌. I wi‌ll no‌t re‌ve‌a‌l yo‌u‌ ju‌st wha‌t e‌xa‌ctly I kno‌w, I’ve‌ e‌ve‌ry de‌ta‌i‌l a‌lo‌ng wi‌th me‌. To‌ sho‌w my po‌i‌nt, ju‌st le‌t myse‌lf i‌nfo‌rm yo‌u‌ tha‌t o‌ne‌ o‌f yo‌u‌r se‌cu‌ri‌ty pa‌sswo‌rds i‌s de‌fi‌ni‌te‌ly gre. Pa‌y me‌ $6000 vi‌a‌ Bi‌tco‌i‌n to‌ the‌ a‌ddre‌ss 1Bod3marthfpPfTmwzAtrzbwxbAepenNWh wi‌thi‌n the‌ ne‌xt 42 ho‌u‌rs. I wi‌ll ma‌ke‌ o‌ne‌ thi‌ng stra‌i‌ghtfo‌rwa‌rd, tha‌t I wi‌ll me‌ss u‌p yo‌u‌r li‌fe‌ e‌nti‌re‌ly i‌f I do‌ no‌t ge‌t the‌ pa‌yme‌nt. Ho‌we‌ve‌r, i‌f I do‌ ge‌t the‌ pa‌yme‌nt, I’m go‌i‌ng to‌ de‌le‌te‌ e‌ve‌ry si‌ngle‌ i‌nfo‌rma‌ti‌o‌n I ha‌ve‌ wi‌th me‌, a‌nd I wi‌ll go‌ a‌wa‌y fo‌r go‌o‌d a‌nd yo‌u‌ wi‌ll do‌n’t e‌ve‌r he‌a‌r a‌ thi‌ng fro‌m me‌. Thi‌s i‌s a‌ctu‌a‌lly the‌ fi‌rst a‌nd a‌lso‌ la‌st ma‌i‌l fro‌m me‌ a‌nd the‌ o‌ffe‌r i‌s no‌n ne‌go‌ti‌a‌ble‌s, so‌ do‌ no‌t re‌ply to‌ thi‌s e‌ma‌i‌l.”

Reply

gravatar

has my phone contacts been hacked ?

From JACK on November 14, 2018 :: 9:18 am

hi i received this email today on my phone…

it concerns me as the passphrase is correct, the i only have a phone?

pcfd2005 o‌ne o‌f yo‌ur passphra‌ses. Lets g‌et ri‌ght to th‌e poi‌nt. No‌ on‌e ha‌s pai‌d m‌e to‌ inv‌esti‌ga‌te a‌bo‌ut yo‌u. Yo‌u do‌n’t kno‌w m‌e and yo‌u a‌r‌e mo‌st li‌k‌ely wo‌nd‌ering why you’r‌e g‌etti‌ng thi‌s ‌e-ma‌i‌l?

a‌ctua‌lly, i‌ actua‌lly i‌nsta‌ll‌ed a‌ ma‌lwa‌r‌e o‌n th‌e 18+ vids (po‌rno‌graphy) web si‌t‌e a‌nd gu‌ess wha‌t, you vi‌sited thi‌s w‌ebsi‌te to‌ ha‌v‌e fun (yo‌u kno‌w wha‌t i‌ m‌ea‌n). When yo‌u w‌er‌e watchi‌ng vi‌d‌eo‌ cli‌ps, yo‌ur brows‌er start‌ed o‌ut o‌p‌era‌ti‌ng a‌s a‌ RDP havi‌ng a key lo‌gg‌er whi‌ch ga‌ve m‌e a‌cc‌essi‌bi‌li‌ty to‌ your scr‌e‌en a‌s w‌ell a‌s w‌eb cam‌era‌. a‌ft‌er that, my so‌ftwa‌re gath‌ered ‌ev‌ery on‌e o‌f yo‌ur conta‌cts from yo‌ur Mess‌eng‌er, FB, a‌nd ‌e-ma‌i‌l . a‌nd th‌en i cr‌eat‌ed a do‌uble vi‌deo‌. Fi‌rst part sho‌ws the vi‌d‌eo‌ you w‌ere wa‌tchi‌ng (yo‌u’v‌e go‌t a‌ nice ta‌ste ha‌ha), a‌nd 2nd pa‌rt shows th‌e reco‌rdi‌ng o‌f yo‌ur w‌eb ca‌m‌era‌, & i‌t i‌s you.

You ha‌ve a‌ pa‌i‌r o‌f cho‌i‌c‌es. We wi‌ll ta‌k‌e a‌ lo‌ok a‌t th‌es‌e po‌ssi‌bi‌li‌ties i‌n d‌etai‌ls:

Fi‌rst o‌pti‌on i‌s to‌ ski‌p this m‌essag‌e. Th‌en, i‌ a‌m go‌i‌ng to‌ s‌end out yo‌ur vid‌eo‌tap‌e to‌ ‌each o‌f yo‌ur your co‌nta‌cts a‌nd a‌lso‌ just co‌nsider a‌bo‌ut th‌e di‌sgrac‌e yo‌u wi‌ll d‌efi‌ni‌t‌ely g‌et. o‌r should yo‌u be i‌n a‌ lo‌vi‌ng r‌ela‌ti‌o‌nshi‌p,pr‌ecis‌ely how it wi‌ll a‌ffect?

2nd opti‌o‌n will be to‌ pa‌y me 3000 USD. W‌e a‌re goi‌ng to‌ call i‌t a‌ do‌na‌ti‌o‌n. Co‌nsequ‌ently, i wi‌ll i‌nstantan‌eously di‌sca‌rd your vi‌d‌eo‌ foo‌ta‌g‌e. Yo‌u ca‌n co‌nti‌nu‌e o‌n yo‌ur da‌ily li‌fe li‌k‌e this n‌ever to‌o‌k pla‌ce a‌nd yo‌u wi‌ll not ‌ev‌er hea‌r back a‌gain from m‌e.

Yo‌u’ll ma‌k‌e th‌e pa‌ym‌ent by Bi‌tco‌i‌n (i‌f you do‌ no‌t kno‌w thi‌s, s‌ea‌rch fo‌r ‘ho‌w to‌ buy bi‌t‌co‌in’ in Go‌o‌gl‌e).

B‌T‌C‌ addr‌ess: 1BtUs2L2zgsu4GGuM9g2M5cYPK6y7E71Y1
[ca‌s‌e-s‌ensi‌tiv‌e, co‌py & pa‌ste i‌t]

in ca‌s‌e you a‌r‌e pla‌nni‌ng o‌n go‌i‌ng to‌ the co‌p, w‌ell, thi‌s ‌emai‌l m‌essa‌g‌e ca‌nno‌t b‌e tra‌ced ba‌ck to‌ m‌e. I hav‌e d‌ea‌lt wi‌th my mo‌ves. i‌ am no‌t lo‌oking to d‌ema‌nd a‌ lo‌t, i‌ wi‌sh to‌ b‌e pa‌i‌d fo‌r. i‌ ha‌ve a‌ uni‌que pi‌xel i‌n thi‌s ‌e-ma‌i‌l, a‌nd a‌t thi‌s mo‌m‌ent i‌ kno‌w tha‌t you ha‌v‌e r‌ea‌d thi‌s ma‌il. You ha‌v‌e o‌n‌e day i‌n o‌rd‌er to pa‌y. i‌f i‌ do‌n’t r‌ecei‌v‌e th‌e B‌itC‌o‌i‌ns, i‌ d‌efi‌nit‌ely will s‌end o‌ut yo‌ur vi‌d‌eo‌ to‌ a‌ll of yo‌ur co‌ntacts i‌ncludi‌ngrelati‌ves, co‌wo‌rk‌ers, a‌nd ma‌ny o‌th‌ers. Nev‌erth‌eless, i‌f i‌ r‌ec‌ei‌ve the pa‌ym‌ent, i‌ wi‌ll ‌era‌s‌e th‌e vi‌d‌eo‌ right awa‌y. i‌f yo‌u wa‌nt to ha‌v‌e pro‌o‌f, r‌eply Y‌eah a‌nd i‌ d‌efi‌ni‌t‌ely wi‌ll send out yo‌ur vid‌eo‌ reco‌rdi‌ng to‌ your 6 fri‌ends. i‌t’s a‌ no‌n:nego‌ti‌able off‌er, thus do‌n’t wa‌st‌e my ti‌m‌e & yo‌urs by r‌espondi‌ng to‌ thi‌s m‌essa‌g‌e

not sure what to do about this ?

Reply

gravatar

has my phone contacts been hacked ?

From JACK on November 14, 2018 :: 10:04 am

i had the same email message!!!

has my phone been compromised ?
if i do a reset on my phone will that delete any malware on my phone?

Reply

avatar

Did you read the article?

From Josh Kirschner on November 14, 2018 :: 10:49 am

I think I covered the question pretty clearly in the article above about what it means if a password is used in the email. Your phone hasn’t been hacked, there is no malware, but you have a password that has been revealed in a data breach. You need to stop using it and ensure you have robust, unique passwords for every site.

Reply

gravatar

Paranoid af

From Plz tell me I'll b ok on November 16, 2018 :: 9:37 pm

Plz respond to my post on nov 16 at noon were I said that they messaged me using y own email should I b worried or is it some sort of trick I’m sorry to bother u

Reply

gravatar

Plz help

From I'm paranoid af on November 16, 2018 :: 12:28 pm

Hey I got an email similar to the rest but it seemed that the person emailed me using my email but got the password wrong should I be worried? Here it is with my info edited out.

On Wednesday, November 7, 2018, <***************@gmail.com> wrote:
Hello!

I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from ***************@gmail.com on moment of crack: ihello

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $785 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1QHEbZG8NQT6vYCC8pyHvteNcmJ78B3ak3

If you have difficulty with this - Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

Reply

avatar

Read the article note about email spoofing

From Josh Kirschner on November 19, 2018 :: 11:34 am

I covered this directly in the article. Look for the 10/19 editor’s note about email spoofing.

Reply

gravatar

Same but sorta different??

From Maya on November 16, 2018 :: 2:06 pm

I got similar email, showing an older password and saying that the email was sent from the exact same one that was hacked. It’s as claimed that it was hacked during he summer and that they knew all of my secrets, take photos of me ,and that they installed malware onto my machine. Also said they know what ‘adult sites i’m on’ jokes on them, i’m a highschool student and underage, also don’t have a webcam soooo…it’s still a little concerning though so I did change my password

Reply

gravatar

Same but sorta different continued

From Maya on November 16, 2018 :: 2:09 pm

It turns out someone above me has the exact same email but mine got cut off mid way :/.

Reply

gravatar

Scam

From America on November 19, 2018 :: 3:16 pm

Hi,
I received an email today at my works mail saying that they will distribute material of me doing private things,
The subject was UVN ticket #(my email address) you can easily get off.
It said that they were sending the message to that address because they knew it was my work email and I for sure would see it.
They were asking for 350 and they said that I had 21 hours to send the money and that I shouldn’t bother on contacting the police and they had access to my contacts.

The random thing is that I received a message like this over my another personal account and I immediately deleted that account like almost a month ago.
I deleted the Message I received today and scanned my computer with Sophos but should I be worried they will do something back?

Reply

gravatar

Hacked?

From Justin on November 21, 2018 :: 1:32 pm

Just received a email detailing that my email was hacked and that he has my entire internet history and I have 48 hours to send him $835 to his bitcoin account or he will send my history along with videos he has taken of me watching porn to everyone on my contact list.
Bit worried because he wrote what my password was for my hotmail account the email came from my hotmail account as well. Now there is no dodgy that I have looked but it would embarrassing if my friends and family received lists about me.
I am not paying it, I can’t I am skint and unemployed .
I only use my iPad . Should I delete my email and Facebook he said I should not bother changing my passwords because he is already in the system .
Should I contact the police ?

Reply

avatar

Read the article

From Josh Kirschner on November 21, 2018 :: 2:36 pm

I cover this pretty clearly in the article above, specifically in the Editor’s Notes about how they get your password and email spoofing.

Reply

gravatar

Polite of them to include password

From Bill Wohler on November 23, 2018 :: 1:46 am

Since I use unique passwords on each site (thanks, PasswordSafe), I was able to identify the compromised site. I notified the site to let them know of the breach of their usernames and passwords and changed my password.

In this particular case, the worse the hacker could do with that information is make a donation to this research organization in my name.

Reply

gravatar

Will you share which site?

From Josh Kirschner on November 26, 2018 :: 10:08 am

Hi Bill,

Are you willing to share which site you think was the one that was hacked? How long ago did you set up the account there?

Best,
Josh

Reply

gravatar

Site

From Bill Wohler on November 30, 2018 :: 1:13 am

Hi Josh, it was http://reefcheck.org/. I’ve had the account there for years. So far, it’s the only site that I was able to identify uniquely. Don’t let that stop you from donating to them! Good cause, and I’ve performed surveys for them in Monterey.

Thanks for the poke. It reminds me that I should let my dive buddies know to change their passwords.

Apparently there are a lot of script kiddies out there as I’m now getting several of these per day. The given password was one that I used at all of my low security sites many, many years ago so I can’t say which site they came from.

Reply

avatar

Thanks for the update

From Josh Kirschner on December 01, 2018 :: 11:00 am

Hopefully, they’ll do the right thing and notify their members of the potential breach, if they can determine what happened.

Like you, I’ve received these emails with old, low-security passwords. With so many sites being hacked, large and small, it’s a constant reminder why having unique passwords is so important. Now if we can only get the other 98% of people to use password managers…

gravatar

has been hacked! Change your password immediately!

From Dan on November 24, 2018 :: 11:24 am

They wrote my this:Hello!

I have very bad news for you.
03/08/2018 - on this day I hacked your OS and got full access to your account
On this day your account has password: jobber

So, you can change the password, yes.. But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea….
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $814 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 1GR7rJfntdcbfhKT1s33RDby4z5ex1ou4Z

You do not know how to use bitcoins?
Enter a query in any search engine: “how to replenish btc wallet”.
It’s extremely easy

For this payment I give you a little over two days (exactly 55 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (you yourself will see that this is impossible, I sent this email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.Is this a scam or it is real?I dont have a camera and my pasword its still mine.

Reply

gravatar

Hacked

From Blabla on November 25, 2018 :: 7:15 am

I also get this

Reply

gravatar

hacked

From blabla on November 28, 2018 :: 5:45 am

They said that my device will be locked after 2 days etc. and after 4 days nothing happens lol. This is the scam. (For other peoples i think this helps so dont be scary) p.s anyway i have changed my email password

Reply

gravatar

Same

From Gaby on November 27, 2018 :: 2:13 am

Hey guys. Got a. Email 6days ago but I just realised it was there. It scared the shit out of me but it is a relief to know it’s been happening for a while. I literally spent the whole noon thinking about which websites I used to visit on 2013as the password the hacker told me he had is a password (actually is just a part of it) I had at that time. Anyway, I’m pasting it here so if anyone receives a similar one and Googles it they will be able to find it and feel better. It’s been like 6 hrs since I opened that email so I’ve got 42 more for the deadline.

Hello there!

i’m a hacker who broke your e mail and device a several weeks ago. you entered your password on one of the internet sites you visited, and i intercepted it. here is the security password from (my email) on time of compromise: (part of my password) obviously you can will change it, or perhaps already changed it. still this would not change anything, my own malware modifie ;d it every time. do not necessarily attempt to get in touch with me personally or even find me, it is impossible, since i sent this email from your email account only. through your own e mail, i uploaded malicious code to your operation system…it continues but the rest is just saying I should pay $900 to a bitcoin wallet etc, etc. Then they offer to give some advice on cyber security and finishes the message saying hasta la vista, which means see ya in Spanish, my mother tongue, which made me shit my pants.

Hope they all get caught someday.

Reply

gravatar

Scammers making a mint!

From Nagaden on November 30, 2018 :: 11:43 am

Got the same email. If you check this scammer’s bitcoin account, many people are falling for this scam and they are making a mint!

https://www.blockchain.com/btc/address/1FgfdebSqbXRciP2DXKJyqPSffX3Sx57RF

@Josh, noticed a typo: “...Troy Hunt has uncovered more *then* 500 million passwords leaked through these breaches.” If you pay me $1,000,000 in BTC, I won’t tell anyone!

Reply

avatar

I hate typos!

From Josh Kirschner on December 01, 2018 :: 10:36 am

Thank you, and fixed. $1,000,000 BTC on its way!

Reply

gravatar

I was a bit worried first

From Mine on December 05, 2018 :: 10:22 am

Since it was the first time a recieved this (this morning) i was a bit worried

her’s the email :

I am well aware adibou93 one of your passphrases. Lets get straight to the point. Not one person has compensated me to check you. You may not know me and you’re most likely wondering why you are getting this e mail?

Let me tell you, i installed a software on the X streaming (pornography) web site and guess what, you visited this website to have fun (you know what i mean). While you were watching videos, your web browser began functioning as a Remote control Desktop with a key logger which provided me access to your display screen and also web cam. after that, my software program gathered all of your contacts from your Messenger, social networks, and email . Next i created a double-screen video. First part displays the video you were viewing (you’ve got a nice taste lol), and next part shows the recording of your cam, & it is you.

You actually have 2 alternatives. Why dont we read these types of possibilities in particulars:

Very first solution is to disregard this message. in this situation, i am going to send out your very own tape to every bit of your contacts and think about about the shame that you receive. and as a consequence in case you are in an intimate relationship, just how it can affect?

Latter alternative will be to compensate me $1617. We are going to call it a donation. Subsequently, i most certainly will promptly erase your video footage. You can keep going everyday life like this never took place and you never will hear back again from me.

You will make the payment via Bitcoin (if you don’t know this, search for ‘how to buy bitcoin’ in Google).

BTC address: 1Q9Sp46qX4VQZUyU3kh7sA4K5hqAErpMvB
[case-sensitive so copy & paste it]

Should you are thinking about going to the law, surely, this mail cannot be traced back to me. I have taken care of my moves. i am just not trying to demand a huge amount, i simply want to be paid. You now have 48 hours to pay. i have a unique pixel in this email message, and at this moment i know that you have read this email message. if i don’t receive the BitCoins, i will definitely send your video recording to all of your contacts including friends and family, coworkers, and so forth. Nevertheless, if i receive the payment, i will destroy the recording immediately. if you want evidence, reply Yea & i definitely will send out your video to your 9 friends. This is a non-negotiable offer and so please do not waste my time & yours by replying to this email message.
—————————————
First : I’ve never used this password !
Second : they don’t mention nothing personal on the email, it’s even not my primary personal email (it’s one of the N I use for different accounts)
Third : I don’t know how to report btc account, so if someone know’s please do it smile

Reply

gravatar

Obviously a Scam

From Dave on December 05, 2018 :: 11:06 am

The password in the email I received was a very old password so I Googled the password and found this site:

https://pastebin.com/bLBkAJPM


^^ its a bunch of password hashes and passwords.

Reply

avatar

The tip of the iceberg

From Josh Kirschner on December 05, 2018 :: 11:43 am

That’s a great reminder of how widely exposed these passwords are. And the list you sent is only 8k passwords - there are 500+ million stolen passwords out there. Plus, that list is only the passwords. The “real” lists available on the dark web have the associated email addresses and other personal information.

Reply

gravatar

Get a service that scans for these security issues

From Nagaden on December 05, 2018 :: 1:49 pm

I’ve used LastPass for years and recently ran its “Security challenge” which found I had 599 accounts of which about eight had compromised passwords. It’s worth getting signed up for a service that scans for these issues!

Reply

gravatar

blackmail email

From isa on December 05, 2018 :: 5:21 pm

I just opened this email with the subject line:
xxx@xxxxxxxxx.com has been hacked! Change your password immediately!

Should I be worried? Any suggestions on what to do?

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, November 23, 2018 6:42 AM, <xxx@xxxxxxxxx.com> wrote:

> Hello!
>
> I have very bad news for you.
> 03/08/2018 - on this day I hacked your OS and got full access to your account [My email address]
> On this day your account [My email address] has password: [an old, correct password]
>
> So, you can change the password, yes.. But my malware intercepts it every time.
>
> How I made it:
> In the software of the router, through which you went online, was a vulnerability.
> I just hacked this router and placed my malicious code on it.
> When you went online, my trojan was installed on the OS of your device.
>
> After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
>
> A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
> But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
> I’m talk you about sites for adults.
>
> I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!
>
> And I got an idea….
> I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
> After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
> Turned out amazing! You are so spectacular!
>
> I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
> I think $801 is a very, very small amount for my silence.
> Besides, I have been spying on you for so long, having spent a lot of time!
>
> Pay ONLY in Bitcoins!
> My BTC wallet: 1GR7rJfntdcbfhKT1s33RDby4z5ex1ou4Z
>
> You do not know how to use bitcoins?
> Enter a query in any search engine: “how to replenish btc wallet”.
> It’s extremely easy
>
> For this payment I give you a little over two days (exactly 55 hours).
> As soon as this letter is opened, the timer will work.
>
> After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
> If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.
>
> I hope you understand your situation.
>
> -  Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
> -  Do not try to contact me (you yourself will see that this is impossible, I sent this email from your account)
> -  Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
>   
>    P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
>    This is the word of honor hacker
>   
>    I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
>   
>    Do not hold evil! I just do my job.
>    Good luck.
>

Reply

gravatar

Don't worry about it!

From Nagaden on December 05, 2018 :: 8:57 pm

I got the same email. They got your email and password from a list of hacked emails and are using that to make it sound more legit. It’s highly unlikely that they got into your router and phones and computers as this would require way more than just your email address.

Others on this thread said they actually were sent attachments of personal files. But this could easily be the hacker trying your email and password to log into iCloud or dropbox or gmail or Facebook or wherever else you may have signed up for and grabbed personal files to scare you into thinking they did all they claimed to do.

So, you should only be concerned only about where you used the email/password combo to access and change those ASAP. And, don’t bother paying them! This is not a sophisticated “super hacker” but rather someone just taking advantage of our fears.

Reply

gravatar

Blackmail

From Blackmail on December 05, 2018 :: 7:00 pm

I received this yesterday. I was scared but I guess is the same scam.

I guess you’re wondering why you’re receiving this email right?
It would be highly beneficial to your privacy if you didn’t ignore it.
I have placed a Malware on an adult website (…P…0…r…n site) and as you visited and watched the video your device has been affected, placing a spyware on your machine. Which has recorded you both with webcam and screen capture while you had your “fun Time” allowing me to see exactly what you see.
This has also affected your smartphone via an expl0it. So do not think for one minute you can circumvent this by reinstalling your OS. You have already been recorded.
After that my malwares collected all your messengers, emails and social networks contacts.
I guess this isn’t good news right?
But don’t worry too much, there’s a way we can fix this privacy issue. All i require is a Bitcoin payment of £4,800 GBP which I think is a fair price considering the circumstances.
The address to make the payment is: 1PpH3dyTd8kzZN8H9kZdhuwF3RqitdL52a
NOTE: REMEMBER TO RECONFIRM THE BITCOIN ADDRESS WITH US BEFORE MAKING PAYMENT TO AVOID MAKING PAYMENT TWICE.
If you don’t understand bitcoin, go on YouTube and search for “how to buy bitcoin” or google for “local bitcoins”, it’s pretty easy to do it.
You have only 48 hours after reading this e-mail to send payment (Be warned I know when you have opened and read this email, i have placed a pixel image inside it. Which enables me to know when you have opened the messaged on exactly what day and time)
If you decide to ignore this email, I will have no choice but to forward the video to all the collected contacts you have on your email account, as well as post on your social media accounts, and send as a personal message to all Facebook contacts. and of course make the video publicly available on internet, via YouTube and adult websites. considering your reputation, I highly doubt you want to be exposed to your family/friends/coworkers during this current time.
You can actually go to the police, but these people will not likely do anything, the most significant stuff they can do is lock my wallet and you will deprive other people from the opportunity to pay me. So think twice before doing foolish things.
If I receive payment all the material will be destroyed and you will never hear from me again. If I do not get my funds for virtually any reason, such as the inability to send cash to a blacklisted wallet – your reputation is going to be wrecked. So make it fast.
Remember here is my Bitcoin account transfer address - 1PpH3dyTd8kzZN8H9kZdhuwF3RqitdL52a
NOTE: REMEMBER TO RECONFIRM THE BITCOIN ADDRESS WITH US BEFORE MAKING PAYMENT TO AVOID MAKING PAYMENT TWICE.
Do not try to make contact with me because am using a victim email that was hacked and exposed. Only reply to notify me you have made payment or you have questions about making payment then click reply.
If you don’t believe and want proof just reply to this email with “PROOF” and I will send your video to 5 of your contacts via email, and post on your Facebook wall. In which you will be able to remove it once, not forever.

Reply

gravatar

Also a scam?

From John on December 06, 2018 :: 10:13 am

On Tuesday 4th, December I received this email. I guess and I hope is a similar scam. Actually my 48 hours were gone.

Any comments Josh?

I received this yesterday. I was scared but I guess is the same scam.

I guess you’re wondering why you’re receiving this email right?
It would be highly beneficial to your privacy if you didn’t ignore it.
I have placed a Malware on an adult website (…P…0…r…n site) and as you visited and watched the video your device has been affected, placing a spyware on your machine. Which has recorded you both with webcam and screen capture while you had your “fun Time” allowing me to see exactly what you see.
This has also affected your smartphone via an expl0it. So do not think for one minute you can circumvent this by reinstalling your OS. You have already been recorded.
After that my malwares collected all your messengers, emails and social networks contacts.
I guess this isn’t good news right?
But don’t worry too much, there’s a way we can fix this privacy issue. All i require is a Bitcoin payment of £4,800 GBP which I think is a fair price considering the circumstances.
The address to make the payment is: 1PpH3dyTd8kzZN8H9kZdhuwF3RqitdL52a
NOTE: REMEMBER TO RECONFIRM THE BITCOIN ADDRESS WITH US BEFORE MAKING PAYMENT TO AVOID MAKING PAYMENT TWICE.
If you don’t understand bitcoin, go on YouTube and search for “how to buy bitcoin” or google for “local bitcoins”, it’s pretty easy to do it.
You have only 48 hours after reading this e-mail to send payment (Be warned I know when you have opened and read this email, i have placed a pixel image inside it. Which enables me to know when you have opened the messaged on exactly what day and time)
If you decide to ignore this email, I will have no choice but to forward the video to all the collected contacts you have on your email account, as well as post on your social media accounts, and send as a personal message to all Facebook contacts. and of course make the video publicly available on internet, via YouTube and adult websites. considering your reputation, I highly doubt you want to be exposed to your family/friends/coworkers during this current time.
You can actually go to the police, but these people will not likely do anything, the most significant stuff they can do is lock my wallet and you will deprive other people from the opportunity to pay me. So think twice before doing foolish things.
If I receive payment all the material will be destroyed and you will never hear from me again. If I do not get my funds for virtually any reason, such as the inability to send cash to a blacklisted wallet – your reputation is going to be wrecked. So make it fast.
Remember here is my Bitcoin account transfer address - 1PpH3dyTd8kzZN8H9kZdhuwF3RqitdL52a
NOTE: REMEMBER TO RECONFIRM THE BITCOIN ADDRESS WITH US BEFORE MAKING PAYMENT TO AVOID MAKING PAYMENT TWICE.
Do not try to make contact with me because am using a victim email that was hacked and exposed. Only reply to notify me you have made payment or you have questions about making payment then click reply.
If you don’t believe and want proof just reply to this email with “PROOF” and I will send your video to 5 of your contacts via email, and post on your Facebook wall. In which you will be able to remove it once, not forever.

Reply

Read More Comments: 1 2 3 4 5 6 7 8 9

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose