‘This account was recently infected!’ sextortion email scam
If you recently received an email message from yourself that says “this account was recently infected,” don’t be alarmed; it’s not true. The email message is part of one of the latest sextortion email scam campaigns going around the web at the moment.
It may be frightening to receive an email message from your own email address. It certainly looks like someone else may have been able to access and compromise your email account, but that’s not exactly what happened.
A third-party email spoofing service was used to make it appear as if someone accessed your email account and sent you a message. We know this because this scam is not new, and it’s possible to track which services may have been used. Furthermore, email sextortion scams have been gaining in popularity with email scammers since late September 2018 and haven’t slowed down since, so there’s familiarity with this email message.
The email message is designed to scare victims into paying the scammer a specified amount of cryptocurrency that is based on anonymity called Bitcoin. Since this is a scam, don’t pay the scammer! It won’t help you.
The email message itself says that your email account and devices were infected with malware and that the hacker was able to record a video of you while you were viewing adult videos online. It can get pretty graphic with the details.
If you don’t pay up, the message pretty much claims that they will send the video of you as well as whatever may be on your computer to your contacts including friends, family members, and colleagues.
Here’s a transcript of the email message (your email message may be slightly different):
“This account was recently infected! Change the password right this moment!
You do not heard about me and you are probably surprised for what reason you are receiving this particular message, is it right?
I’m hacker who burst your email box and devices not so long ago.
It will be a time wasting to make an attempt to talk to me or alternatively look for me, it is definitely hopeless, since I directed you a letter from YOUR own account that I’ve hacked.
I’ve started a virus to the adult videos (porno) site and suppose you have spent time on this website to have fun (you know what I mean).
Whilst you were paying attention to films, your internet browser began to act like a RDP (Remote Control) that has a keylogger which provided me authority to access your display and camera.
After that, my software acquired all data.
You typed passwords on the web services you visited, I caught all of them.
Of course, you are able to change them, or possibly already changed them.
But it really doesn’t matter, my spyware renews it every time.
What actually I have done?
I got a backup of every your system. Of each file and contact lists.
I got a dual-screen video file. The 1 part displays the video you were observing (you have the perfect taste, ha-ha…), the 2nd screen displays the video from your camera.
What actually should you do?
Great, in my view, 1000 USD will be a good price for this very little riddle. You will make your payment by bitcoins (in case you don’t know this, try to find “how to buy bitcoin” in any search engine).
My bitcoin wallet address:
1JRfE57ZF8Eaqa7DktHmVCoAneA8q4fpP2
(It is cAsE sensitive, so just copy and paste it).
Attention:
You have only 2 days to make the payment. (I put an exclusive pixel to this letter, and at this moment I know that you’ve read this email).
To trace the reading of a letter and the actions in it, I utilize a Facebook pixel. Thanks to them. (The stuff that can be used for the authorities should help us.) In case I do not get bitcoins, I will immediately direct your recording to each of your contacts, including relatives, colleagues, and so forth?”
There is one issue with this email message that you should consider. If you received the email message, it could possibly mean that your personal information such as your email address and password, full name, and telephone number were leaked on the darknet. This typically happens following a breach that occurs on a third-party site such as Adobe, Experian, and Yahoo.
To locate which breach your information may have been leaked from, go to https://haveibeenpwned.com/ and submit your email address to receive a free detailed analysis.
Since your account information may have been leaked online, it is strongly advised to change your password immediately to avoid unwanted access. Also, change the password to other accounts you may use for safe measure.
We recommend that you utilize these best practices when making a new secure password:
- Do not reuse the same password for multiple accounts. Use unique passwords wherever possible.
- Use strong passwords with numbers, letters, and special characters such as !@$#.
- Use two-factor authentication to add an extra layer of security along with your password.
- Use a reputable password manager if you have trouble remembering multiple passwords.