Hackers are using new tricks to get information or money by blackmailing people through emails. In this latest blackmail scheme, hackers use your old password, found on the dark web, to add credence to their claims that they have compromised your computer and recorded images of you surfing pornography. They then demand a bitcoin payment to prevent public release.
Unlike many other real-world sextortion cases you may have heard about, including revenge porn and the misuse of sexting, this latest threat is 100% a hoax.
But How Could a Hacker have my Password?
As documented in my CyberHoot Wed. piece on Passwords, Passphrases, and Password Managers, ‘https://HaveIBeenPwned.com’ is a legitimate and useful website you can visit to see whether any of your email accounts and passwords are among the more than 8 billion records from publicly disclosed breaches at LinkedIn, Dropbox, Yahoo, and many others. Unfortunately, this is just the tip of the iceberg when it comes to compromised credentials: many more accounts and passwords are available on the “Dark Web”, in private forums where cyber-criminals sell these credentials for profit. This is likely where the sender of your sextortion email obtained that “really old password” you barely remembered having!
In this sextortion scheme, hackers mine the dark web for credential pairs (email and password) and craft the message (shown below) to induce panic and convince you to pay a bitcoin ransom to prevent the release of photos to your social media accounts.
I do know, [redacted], is your password. You do not know me and you are probably thinking why you are getting this e mail, correct?
Actually, I placed a malware on the adult videos (porno) website and do you know what, you visited this web site to experience fun (you know what I mean). While you were watching videos, your internet browser initiated working as a RDP (Remote Desktop) that has a key logger which gave me accessibility to your display and also webcam. After that, my software program obtained all your contacts from your Messenger, Facebook, as well as email.
What exactly did I do?
I made a double-screen video. Fist part displays the video you were viewing (you’ve got a nice taste haha) and second part shows the recording of your webcam.
What exactly should you do?
Well, I believe, [insert various dollar amounts], is a reasonable price tag for our little secret. You’ll make the payment via Bitcoin. (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: [redacted] (It is cAsE sensitive, so copy and paste it)
You have one day to make the payment. (I’ve a unique pixel within this email message, and now I know that you have read this e mail). If I do not get the BitCoins, I will definitely send out your video to all of your contacts including relatives, co-workers, and so forth. Nonetheless, if I receive payment, I’ll erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video to your 9 friends. It is a non-negotiable offer, that being said do not waste my time and yours by replying to this e-mail.
I’ve received many inquiries about this scam and whether hackers could really pull off this “Sextortion Attack”. Checking whether the identified password was part of a breach by visiting the HaveIBeenPwned.com site should provide the relief you’re seeking. If your password was part of a breach, you can confidently ignore this extortion. If, on the other hand, your password was not reported on that site, you should probably think about whether you could have clicked on a phishing email or fallen for another attack recently. Running a MalwareBytes scan and/or an AV scan on your computer wouldn’t hurt. Knowing that you don’t surf pornography, don’t have a web camera, or keep your web camera covered should also provide some automatic relief. Technically, everything the hacker claims to have done could be done. But the presence of a password is usually a dead giveaway that this hack is a HOAX. I have not known a single person to pay this scam… but given its prevalence someone must be paying!
Now that I know this is a hoax, what should I do?
A good response is to delete the message and never give it another thought. The best response, however, would be to read my article on Passwords, Passphrases, and Password Managers (link above). Learn how to use a Password Manager and passphrases, and then slowly begin to replace all your old passwords with strong, long, random passwords generated and managed by your Password Manager. You’ll be more confident, secure, and productive!
Craig, Co-Founder – CyberHoot