‘Your email was hacked by criminal group’ email scam

Your email was hacked by criminal group email scam

An email scam sends you an email message from your own email address and claims that your email account was hacked by a criminal group.


A new sextortion email scam allegedly sends you an email message from your own account and claims that your email was hacked by a criminal group. The subject of the email message says “Security Alert. Your email was hacked by criminal group.” However, your email account was not hacked and the message was not actually sent from your account. A third-party email spoofing service was used to make it appear as if someone sent you an email message from your own email address.

Your email was hacked by criminal group

The email message says that your Operating System was hacked and that the hacker obtained full access to your email account. It claims that if you change your password, malware will intercept it every time.

The message claims that they have recorded you through your camera while you were visiting adult websites and if you do not pay them within 48 hours they will send videos of you visiting adult websites to your friends, relatives, and colleagues.

To be clear, this is a scam and your email account was not hacked. There are no images or videos of you visiting adult sites.

You will still receive the message if you have never visited an adult website or if your device does not have a camera on it.

Unfortunately, if you received this email or one like it, it means that your information was leaked online following a breach that occurred on websites like LinkedIn or Adobe. Scammers use information leaked about you (such as your email address, email account password, and telephone number) against you in order to attempt to blackmail you.

data breach

To locate a breach where your information may have been leaked from check out https://haveibeenpwned.com/. You can input your email address to locate where your information was leaked.

We recommend that you immediately change your password if you have received this email or one like it.

Transcript from email message:

Subject: Security Alert. [Your email address] was hacked by criminal group.
From: [Your email address]
To: [Your email address]

Hello!

I have very bad news for you.
19/08/2018 – on this day I hacked your OS and got full access to your account [Your email address]

So, you can change the password, yes… But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.

I want to say – you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea….
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $711 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 1MbdGY1LVr6gEjyN3Rok5HQDQcjWbYmLds

You do not know how to use bitcoins?
Enter a query in any search engine: “how to replenish btc wallet”.
It’s extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.

I hope you understand your situation.
– Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Have a nice day!

Although the email message might sound frightening and seem like a real threat, it’s not. It is a confirmed scam and you have nothing to worry about. The same exact message has been sent to many people and there have been many campaigns like it in the past.

Since this is a scam and you are not in danger, DO NOT PAY THE SCAMMER. They have not accessed your email account and they have not taken photos or videos of you. The only thing that you need to do is change the password to your email accounts to ensure your safety.

If you would like to make sure that your computer is clean, scan your computer for malware and other potentially malicious files with Malwarebytes using the instructions below:

1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.

2. To install the program, click the file you just downloaded. It can usually be located in the Download folder.

install malwarebytes

3. A window that says “Welcome to the Malwarebytes Setup Wizard” will appear. Click Agree and Install to begin the installation. Once complete, click Finish.

scan now

4. Now the Malwarebytes is installed, open the program and click the Scan Now button – or go to the Scan tab and click the Start Scan button.

quarantine selected

3. When the scan is complete click the Quarantine Selected button.

4. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.

Sean Doyle

Sean Doyle is a tech author and engineer with over 20 years of experience in cybersecurity, privacy, malware, Google Analytics, online marketing, and other topics. Sean's content has been featured in numerous publications.