‘Your email was under attack! Change your access data!’

Your email was under attack! Change your access data!

Sextortion scams have become really popular this year and as we end 2018 a new sextortion scam has risen from the depths of wherever email scams come from. The latest sextortion email scam claims to have sent you an email from your own account. It actually says that in the email and the recipient and sender will both be your email address.

How is this done you might ask? Did someone really access my email account and send me an email message? No, no one actually accessed your email account and sent you an email message. A third-party email spoofing service was used to send you an email and make it appear as if it was sent from your account.

The purpose of this new sextortion email scam is to scare you into paying the cyber-scammer a particular amount of Bitcoins so they can use the money to move out of their parent’s basement and into their own studio apartment before they eventually move back in with their parents again (nothing wrong with that at all I must say; the living with parents thing, not the scamming people for Bitcoin part).

The email message sent from the scammer says that they have been watching you for months and that they have full access and control of your computer and device. With this unparalleled control of your machines, they were fortunate enough to make a video of you satisfying yourself while visiting an adult website.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.

The email goes on to say that if you do not pay them what they want, they will send the video to all of your email and social media contacts.

With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

Don’t let this alarm you because it’s not true. There are no videos of you, your computer was not infected by this scammer’s malware, and no one has accessed your email account. If you’re an angel and have never been to an adult website before (like me), you will still receive this message. If you’re living in the past and your device does not have a camera on it (good for you), the message will still claim to have recorded a video of you satisfying yourself.

Now that you know it’s a scam, there is some bad news. Unfortunately, if you received this email message it is a sign from the internet overlords that your information was possibly leaked somewhere online following a breach that occurred on websites like Adobe, LinkedIn, or Yahoo. Scammers use the information leaked about you (such as your email address, email account password, and telephone number) against you in order to scare you and attempt to extort money from you.

To find out where your information may have been leaked or which breach may have been leaked your information go to https://haveibeenpwned.com/ and submit your email address.

Transcript from the email message:

[Your email address] was under attack! Change your access data!
From: [Your email address]
To: [Your email address]

Hello!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your account.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other device.
This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use.

If you want to prevent this, transfer the amount of $526 to my bitcoin address (if you do not know how to do this, write to Google: “Buy Bitcoin”).

My bitcoin address (BTC Wallet) is: 18eBGkYam1wjz1S77jz3VmADuYYFzhA3vB

After receiving the payment, I will delete the video and you will never hear me again.
I give you 48 hours to pay.
I have a notice reading this letter, and the timer will work when you see this letter.

Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video will be immediately distributed.

Best wishes!

Although the email message might seem like a real threat, it’s not. It is a confirmed scam and you have nothing to worry about. The same exact message has been sent to many people and there have been many email scam campaigns like it in the past.

What can/should you do?

Change the password to your email account and wherever else you reused the password to ensure your privacy and safety. Here are some tips for making a secure new password:

  • Do not reuse the same password for multiple accounts. Use unique passwords wherever possible.
  • Use strong passwords with numbers, letters, and special characters such as !@$#.
  • Use two-factor authentication to add an extra layer of security along with your password.
  • Use a reputable password manager if you have trouble remembering multiple passwords.

Last, but not least, the email message claims to have infected your computer with malware, but that’s not true; However, this is a cybersecurity blog and if you would like to scan your computer for malware and other potentially malicious files follow these instructions:

1. Download Malwarebytes Anti-Malware software to scan your computer and remove malicious files and potentially unwanted programs.

2. To install the program, locate and double-click the executable file you just downloaded. The file can usually be found in the Download folder.

install malwarebytes

3. Choose if this is for home or work use and click Agree and Install to begin installing Malwarebytes. Once the installation is complete, click Finish.

scan now

4. Once Malwarebytes is installed, open the program and click the Scan Now button on the dashboard – or go to the Scan tab and click the Start Scan button.

quarantine selected

5. When the scan is complete click the Quarantine Selected button.

6. If Malwarebytes says “All selected items have been removed successfully. A log file has been saved to the logs folder. Your computer needs to be restarted to complete the removal process. Would you like to restart now?” click the Yes button to restart your computer.

7. Download HitmanPro to perform a second-opinion scan and remove any remaining malicious trace files. A second-opinion scan is important when removing malware and malicious files from your computer.

8. To install the program, locate and double-click the executable file you just downloaded. The file can usually be found in the Download folder.

9. Once HitmanPro is installed, open the program and click Next to start scanning your computer. *If you are using the free version you may choose to create a copy or perform a one-time scan.

10. When the HitmanPro scan is complete, click the Next button.

11. To activate the free version of HitmanPro: enter your email address twice and click the Activate button.

12. Click the Reboot button.

Sean Doyle

Sean Doyle is an engineer from Los Angeles, California. Sean's primary focuses include Cyber Security, Web Spam, and Online Marketing.