‘Hacker who cracked your email’ scam tries to blackmail you for Bitcoin

I'm a hacker who cracked your email
One of the latest email phishing scams claims that a hacker has cracked your email and device a few months ago. It claims that you entered a password on one of the sites you visited and that they intercepted it. The email message then shows you your password at the moment of the alleged hack.

hacker cracked email scam

If you received an email message that says “I’m a hacker who cracked your email and device a few months ago” and appears to be sent to you from your own email address, ignore it. The message is fraudulent and no one actually hacked your email account and device.

The email message might be frightening because it will appear as if it was sent from your own account and your password (previous password or current password) will be mentioned numerous times. However, your email address was not accessed. It was spoofed by a third-party service such as anonymailer.

The purpose of the email is to trick you into paying a certain amount of Bitcoin to a BTC wallet (1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy or other) in order to erase data they claim to have collected about you.

The email says that you have 48 hours to make a payment and if you do not they will send all of your contacts “crazy shows from your dark secret life.” They also claim that your device will be blocked with some sort of ransomware.

Email message campaigns like this have been making circulation following recent breaches that occurred on websites like LinkedIn and Adobe. To see where your email information may have been leaked from check out https://haveibeenpwned.com/. You can input your email address to locate where your information was leaked.

hacker who cracked your email and device email

Here’s what is written in the email message:

Subject: I’m crack [your email address], password [your password] for [your email address] is compromised, or Mail delivery failed: returning message to sender
From [your email address]
To [your password]
Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from [your email address] on moment of hack: [your password]

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $897 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1YnYAxprVrTo1WzPPzMo86ste5Ssp4xsy

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

Here’s a second version of the email message:

Subject: account [your email address] is compromised
From [your email address]
To [your email address]
Date Today 11:15

Hello!

I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.

Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account.

Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.

I am in shock of your fantasies! I’ve never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.

There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.

Therefore, I expect payment from you for my silence.
I think $883 is an acceptable price for it!

Pay with Bitcoin.
My BTC wallet: 1DVU5Q2HQ4srFNSSaWBrVNMtL4pvBkfP5w

If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.

My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)

Do not be silly!
Police or friends won’t help you for sure …

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.
Farewell.

As you can see, the email can appear legitimate to many people. But, the same message has been sent around the internet to many people (word-for word) and there have been many campaigns like it in the past. Even if you have never visited a “piquant” website, you will still receive the same message. Even if your device does not have a camera, they will still claim to have recorded you through your camera.

Do not pay the BTC and do not reply to the scammers. The only thing you need to do is change the password to your email address and other accounts you have for safe measure.

The email message does not mean that your computer is infected with malware; However, if you would like to remove malware and other potentially malicious files from your computer we recommended to use Malwarebytes. Here are some instructions:

1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.

2. To install the program, click the file you just downloaded. It can usually be located in the Download folder.

install malwarebytes

3. A window that says “Welcome to the Malwarebytes Setup Wizard” will appear. Click Agree and Install to begin the installation. Once complete, click Finish.

scan now

4. Now the Malwarebytes is installed, open the program and click the Scan Now button – or go to the Scan tab and click the Start Scan button.

quarantine selected

3. When the scan is complete click the Quarantine Selected button.

4. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.

Sean Doyle

Sean Doyle is an engineer from Los Angeles, California. Sean's primary focuses include Cyber Security, Web Spam, and Online Marketing.