New email scam claims ‘hackers know password from your account’
One of the latest sextortion email scam messages claims that a victim’s device was hacked and that they were recorded through their device’s camera while viewing an intimate video. The purpose of the email message is to scare victims into believing the false claim in order to trick them into sending money in the form of cryptocurrency. Scammers primarily use cryptocurrency such as Bitcoin because it provides them with a solution to maintain anonymous exchanges with their victims.
The subject of the email message says “Hackers know password from your account. Password must be changed now.” The body of the email message goes on to further state that a RAT (trojan) was installed onto the victim’s device and that they were recorded through their device’s camera while viewing an adult video. Here’s a full transcript of this particular email message:
Hackers know password from your account. Password must be changed now.
From crisscrossesi5@activeware.com
To (Your password)
Hi, dear user of (Your email service provider)
We have installed one RAT(trojan) software into you device.
For this moment your email account is hacked.
I know your password for this account [Your email address]: (Your password)Changed your password? You’re doing great!
But my software recognizes every such action. I’m updating passwords!
I’m always one step ahead….So… I have downloaded all confidential information from your system and I got some more evidence.
The most interesting moment that I have discovered are videos records where you masturbating.I posted my virus on porn site, and then you installed it on your operation system.
When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device.
After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose.For the moment, the software has harvrested all your contact information from social networks and email addresses.
If you need to erase all of your collected data, send me $600 in BTC (crypto currency).
This is my Bitcoin wallet: 15hcdsqcsH2QoevpuHRM45xKBRC9UBrVha
You have 48 hours after reading this letter.After your transaction I will erase all your data.
Otherwise, I will send video with your pranks to all your colleagues and friends!!!P.S. I’m asking you not to answer this letter because the sender’s address is fake, just to keep me incognito.
And henceforth be more careful!
Please visit only secure sites!
Bye!
To make matters worse, as shown in the transcript above, the message contains the recipient’s past or current password which is especially frightening to many recipients because of how it enhances the false claims of the email message.
The use of a recipient’s password in an email message is a clear indication that the recipient’s information was leaked online following a data breach that occurred on a third-party site such as Adobe, MySpace, and so on. Since this may be the case, we advise those who have received an email message like this to follow these best practices to ensure their safety and privacy:
- Create a unique password for all the accounts you access online. Avoid reusing the same password for more than one account.
- Use a password manager such as 1Password, LastPass, or Roboform if you have trouble remembering passwords.
- Use special characters such as !@#$& to make your passwords harder for people to crack.
- Use multi-factor authentication (MFA) such as two-factor authentication (2FA) whenever possible to add an extra layer of security.
- Use a secure email service that provides end-to-end encryption such as Tutanota or ProtonMail.
- Use Antivirus software such as Microsoft’s built-in Windows Defender Antivirus that is free and better than a lot of Antivirus programs on the market, especially when combined with Malwarebytes.