The latest email phishing scam campaign claims that your email was hacked by someone who calls themselves ingram78 more than six months ago. The email message insists that you pay them $892 (or other amount) in Bitcoin or they will send your files, history of sites you visit, and other information to everyone you have contacted. There are several versions of email messages like this one and this is the most current.
The email might appear to be sent to you from your own email account even though it was not. The email message starts by saying “My nickname in darknet is ingram78” and claims that your email account was hacked. They claim that they have infected your operating system with a virus (trojan) created by them and have been monitoring you for a long time. They also claim to have access to all your accounts, social networks, email, browsing history.
To make the email more frightening, the scammers show you your email account’s password multiple times even though the password might or might not be current.
Don’t be alarmed. The message is essentially a sextortion scam. The content in the email is fraudulent and your email and other accounts have not been hacked. Also, there is not a virus(trojan) on your device (associated with this email at least). This is just one of the latest email scam campaigns going around related to a recent leak (LinkedIn, Adobe, etc.). However, it is strongly advised to immediately change your password. Especially if you use the same password for various accounts – change them all.
It’s okay to ignore the email message if you have received it. It is basically a phishing scam conducted by self-proclaimed hackers attempting to blackmail you through a series of email messages.
The message tries to frighten targets by claiming to have access to their messages, social media accounts, and more. It claims to have recorded them through the camera of their device and synchronized them with that they are watching.
Here’s what is written in the current email campaign:
Subject: [your email address] is hacked
From [your email address]
To [your password/current or previous]
My nickname in darknet is ingram78.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.
So, your password from [your email address] is [removed]
Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.
I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.
I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!
During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!
I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $892 is quite a fair price to destroy the dirt I created.
Send the above amount on my BTC wallet (bitcoin): 1EZS92K4xJbymDLwG4F7PNF5idPE62e9XY
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.
Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!
Since reading this letter you have 48 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.
I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
As you can see, the email can appear legitimate to many people. But, the same message has been sent around the internet to many people (word-for word) and there have been many campaigns like it in the past. Even if you have never visited an intimate website, you will still receive the same message. Even if your device does not have a camera, they will still claim to have recorded you through your camera.
Do not pay the $892 BTC and do not reply to the scammers. The only thing you need to do is change the password to your email address and other accounts you have for safe measure.
The email message does not mean that your computer is infected with malware; However, if you would like to remove malware and other potentially malicious files from your computer we recommended to use Malwarebytes. Here are some instructions:
1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.
2. To install the program, click the file you just downloaded. It can usually be located in the Download folder.
3. A window that says “Welcome to the Malwarebytes Setup Wizard” will appear. Click Agree and Install to begin the installation. Once complete, click Finish.
4. Now the Malwarebytes is installed, open the program and click the Scan Now button – or go to the Scan tab and click the Start Scan button.
3. When the scan is complete click the Quarantine Selected button.
4. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.