An article from Adam Freedman of Dunwoody PC
There’s a “sextortion” email scam that is exploding on the internet where you may receive an email with your name and a password (and it’s usually an old password, unless of course, you never change your passwords). There’s a cut-and-paste message afterwards that usually says something like:
“I am well aware XXXxxxxx is your passphrase. Lets get directly to the point. You do not know me and you’re most likely wondering why you are getting this email? Not one person has compensated me to investigate you. actually, I placed a malware on the 18+ streaming (porn material) website and guess what, you visited this website to have fun (you know what I mean).When you were watching video clips, your web browser initiated functioning as a Remote Desktop that has a key logger which provided me with access to your display screen as well as webcam. Right after that, my software program gathered every one of your contacts from your Messenger, Facebook, and e-mail . Next I created a video. 1st part displays the video you were watching (you’ve got a fine taste hahah), and 2nd part shows the recording of your cam, and its u.
You got two different options. We will explore each one of these options in particulars:
First alternative is to disregard this e mail. In such a case, I am going to send your actual video clip to every bit of your personal contacts and thus consider about the embarrassment that you receive. In addition if you happen to be in a romantic relationship, exactly how this will affect?
Other choice would be to give me $3000. Let us call it a donation. Then, I most certainly will without delay remove your video. You could keep on going your life like this never happened and you will not hear back again from me. You’ll make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google search engine). “
So, is this real? Yes, at some point, you’ve been hacked. The hack probably did not occur locally on your computer but at the web-site service that matches the password that they’ve told you about. Of course, it’s difficult to diagnose if you use the same passwords on multiple sites. According to security experts, someone has harvested your email address and a password. It’s mostly a phishing attempt at you and, not any different from a phone call IRS scam or “Microsoft” security scam to separate you from your money based on fear.
So what should do? Common sense stuff. Don’t give anyone any money, if you recognize that password, log on to the site and change it there. Don’t use the same password on multiple websites.
Here’s a link for more information from Krebs on Security from July 12th:
https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/
A great website where you can see anywhere your accounts have been compromised:
https://haveibeenpwned.com/
If in doubt, give me a call. I am happy to schedule a time for me to come out to talk about mitigating risk while on the internet.
Adam Freedman
Dunwoody Personal Computers, LLC
phone: 404-702-3726
email: adam@dunwoodypc.com
website: www.dunwoodypc.com
facebook: facebook.com/dunpc
twitter: twitter.com/dunwoodypc
linkedin: linkedin.com/in/AdamFreedmanDunwoody
remote access: dunwoodypc.screenconnect.com