‘Hacking Alert! You account was hacked’ email scam tries to blackmail you

Sean Doyle

Sean Doyle is an engineer from Los Angeles, California. Sean's primary focuses include Cyber Security, Web Spam, and Online Marketing.

20 Responses

  1. I immediately filed a complaint at the FBI website. They ask for a copy of the email message, including headers. I may have over reacted and perhaps the FBI is having a good laugh at me for taking this so seriously, but maybe my information will help them track this scum down, for the sake of those poor fools who actually paid.

  2. Anonymous says:

    Just like to say thanks for all comments – for an oldie like me was nearly fooled for the this one – too many things were nearly there ! – now if he’d asked for £20 I may have fallen for it – but bite coins what are those and how to pay?? But password changed and run a full cheque thu the system.

  3. Much appreciated, getting an email from myself with a mention of a previous password,threw me off balance.On reflection,why would I end up in the spam folder? Once again,thank you 🙂

  4. Anonymous says:

    Had this email yesterday, i suffer from anxiety so i had a pretty rough time when i first read it, even gave actionfraud a call, they told me more or less the same as what you’ve said here. This has been sent to many, many people and its nothing to worry about. Just scare tactics

  5. Anonymous says:

    Freaked me out a little because it was a password that I actually have used in the past. Did a little investigation and found I still was using on some current accounts including PayPal!! Email would not have matched but if someone knew the email address I use for PayPal and used that password they would have had a heyday! Thank goodness I have LastPass.

  6. a_n says:


    I have received the same email on today at 17:05 but I saw that the date of sent mail is tomorrow 16th.
    Am I in dangerous more than others?
    I am sorry. But I am so worried

  7. Timothy53 says:

    I have been getting this email. The first time I laughed out loud. The password was just a random number bearing no resemblance to any password I have ever used. The Nigerian prince’s grasp of English grammar and ability to spell was far superior. This is south an amateur job only a fool would be suckered by it.

    Here’s how to handle it: delete the email when it comes in.

  8. Steph says:

    Our company has received this email, however the email has been sent from our own info@ email address. And any replies to the email come to our mailbox. Should I be more concerned?

  9. Anonymous says:

    recu à l’instant …
    Dear user of orange.fr!

    I am a spyware software developer.
    Your account has been hacked by me in the summer of 2018.

    I understand that it is hard to believe, but here is my evidence:
    – I sent you this email from your account.
    – Password from account corinne.eck@orange.fr: nh77jk (on moment of hack).

    The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).

    I went around the security system in the router, installed an exploit there.
    When you went online, my exploit downloaded my malicious code (rootkit) to your device.
    This is driver software, I constantly updated it, so your antivirus is silent all time.

    Since then I have been following you (I can connect to your device via the VNC protocol).
    That is, I can see absolutely everything that you do, view and download your files and any data to yourself.
    I also have access to the camera on your device, and I periodically take photos and videos with you.

    At the moment, I have harvested a solid dirt… on you…
    I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.

    I note that it is useless to change the passwords. My malware update passwords from your accounts every times.

    I know what you like hard funs (adult sites).
    Oh, yes .. I’m know your secret life, which you are hiding from everyone.
    Oh my God, what are your like… I saw THIS … Oh, you dirty naughty person … 🙂

    I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera.
    Believe it turned out very high quality!

    So, to the business!
    I’m sure you don’t want to show these files and visiting history to all your contacts.

    Transfer $867 to my Bitcoin cryptocurrency wallet: 1ARbihuSkEAojNHgxsgFVKjTJDHXuimB8
    Just copy and paste the wallet number when transferring.
    If you do not know how to do this – ask Google.

    My system automatically recognizes the translation.
    As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system.
    Do not worry, I really will delete everything, since I am ‘working’ with many people who have fallen into your position.
    You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.

    Since opening this letter you have 48 hours.
    If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted,
    and from my server will automatically send email and sms to all your contacts with compromising material.

    I advise you to remain prudent and not engage in nonsense (all files on my server).

    Good luck!

  10. Gerard says:

    I’ve got this E-mail too, thanks for all the information! Went to the website and got this message:
    Good news — no pwnage found!
    No breached accounts and no pastes (subscribe to search sensitive breaches)
    That looks nice, but I do not know where this mail come from or how I can make the password leak stop, do you have more ideas besides chanign my passwords (that I will do!)
    Thanks for all the work!

  11. chuck says:

    Ah, yes, like you say, there’s no reason to be alarmed.
    BUT how come they know and can give some old password you’ve used??
    They must’ve harvested this from somewhere that you’ve logged into using this (somewhere, where they save your password in ascii format!)

  12. Emma says:

    Hi I have received this email and my email passwords have been changed, I don’t think they have hacked my computer but I am sure they have hacked my hosting account.

  13. richard says:

    Thanks for your article. I believe there may be a second level to the scam and that aspect has not yet been recognized. All these scam emails request payment in Bitcoin. The email has an ID for a Bitcoin wallet and each email has a different ID. If you Google that ID, it comes up with quite a few sites that claim the ID is the name of a virus and they can remove it for you. I do not check any of these sites as I believe they are fake and are intended to infect a PC with their own virus. I have not seen anybody write about this, so many people may have been caught

    • Sean Doyle says:

      I recognize those sites. They’re scam sites that usually copy from other peoples sites (like this one) but change things a bit. They claim the wallet ID is a virus in order to trick people into downloading rogue security software that won’t actually help. The malicious security software will only scan the computer then insist that the user purchase a subscription to remove threats.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.