There are a rash of emails being sent out which try to scam you out of money on the threat of videos being taken of you via your webcam.
These emails are, in general, being generated from a breach on a company that you’ve been using in the past. In some cases the password has been 10 years old but people are reluctant to change passwords often and can still be using them or something very similar.
The general threat can be seen from the section that I’ve copied below from such an email:
I will cut to the chase. I’m aware xxxxxx is your pass word. More to the point, I know about your secret and I’ve proof of it. You don’t know me and nobody employed me to examine you.
It’s just your bad luck that I came across your misdemeanor. In fact, I actually installed a malware on the adult vids (pornographic material) and you visited this site to experience fun (you know what I mean). While you were busy watching videos, your internet browser started out functioning as a Rdp (Remote desktop) having a keylogger which gave me access to your screen as well as web cam. Right after that, my software program collected your entire contacts from messenger, facebook, and email.
I then gave in much more hours than I probably should have investigating into your life and generated a double-screen video. First part displays the recording you had been viewing and second part displays the video from your web cam (its you doing inappropriate things).
Honestly, I am willing to forget everything about you and let you get on with your regular life. And I will offer you two options that can achieve that. The above choices with the idea to ignore this letter, or simply just pay me $2750. Let us examine these 2 options in more details.
Option One is to ignore this message. Let’s see what is going to happen if you choose this path. I will, no doubt send your video to your contacts including members of your family, colleagues, and so on. It will not protect you from the humiliation you and your family will face when family and friends uncover your sordid details from me.
Other Option is to make the payment of $2750. We will call it my “privacy tip”. Now let me tell you what happens if you opt this choice. Your secret will remain your secret. I’ll erase the recording immediately. You move on with your daily life like nothing ever occurred.
At this point you may be thinking, “I will complain to the police”. Let me tell you, I’ve covered my steps to ensure that this e mail can’t be linked to me also it will not stop the evidence from destroying your lifetime. I am not seeking to dig a hole in your pocket. I just want to be compensated for my time I placed into investigating you. Let’s assume you have decided to generate all of this go away and pay me my confidentiality fee. You’ll make the payment through Bitcoin (if you do not know how, type “how to buy bitcoins” on search engine)
Required Amount: $2750
Send To This Bitcoin Address: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Tell no one what you would be utilising the bitcoin for or they may not sell it to you. The method to obtain bitcoin may take a day or two so do not procrastinate.
I’ve a specific pixel within this e-mail, and right now I know that you have read this e-mail. You have 48 hours to make the payment. If I do not receive the Bitcoins, I will definately send your video recording to your entire contacts including close relatives, colleagues, and so forth. You better come up with an excuse for friends and family before they find out. Nonetheless, if I receive the payment, I’ll erase the recording and all other proofs immediately. It’s a non-negotiable offer, thus please do not ruin my time & yours. The clock is ticking. Let me remind you, my software will definitely be sharing the actions you are taking when you find yourself done reading this letter. You should know If you search anything suspicious I am going to send out your sextape to your close relatives, coworkers even before your your deadline.
Should you receive such an email the general advice is:
- Note down the password that the email contains as this will be something that you have used historically.
- DELETE the email.
- Think about where you have used (and possibly still are using) this password and then systematically change the password at those sites by directly logging in yourself and going through the ‘Reset/Change Password’ processes.
- Then think about where you have used a password similar to this one and do the same thing.
If you are still concerned or feel unable to change all those passwords contact somebody that you trust who can help you with the process.
Useful links
Action Fraud: https://www.actionfraud.police.uk/
