A new kind of online scam has emerged that uses your own password to fraud you.
In recent time, many people have been tangled in this new ransomware by receiving a devious email by a hacker claiming to get the password of recipient.
This is a trick to scare people in which ransom money is demanded in the form of Bitcoin later on. This extortion scam is designed to fall you think you have been caught watching videos on an adult website.
There’s a twisted new sextortion scam going around.
A programmer, Can Duruk received that mail:
Similarly, SecGuru told Bleeping Computer a similar case which is shared by a screen grab of virtually same email sent to him just a few days ago:
Apparently, scammer has managed to get his hands on the old leaked password. Both emails read:“I’m aware that XXXXXXX is your password.
You don’t know me and you’re thinking why you received this e mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do?
I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do?
Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72
(It is cAsE sensitive, so copy and paste it)
You have 24 hours in order to make the payment. (I have a unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”
It’s All a Hoax
In actual, Can Duruk and SecGuru told that the passwords were the old one they had used and were compromised by a data breach. So, your password seeing in such an email with warnings is, no doubt, heart wrenching. But it is assured that hackers could not gotten their hands on your web footage this easily.
A researcher told that when talking to some people who got the similar threat, most of the passwords were “ten years old” so it is obvious that hackers got hand on old ones for online blackmailing.
Even if you are using the same password for years, it is unlikely to catch your video from your webcam this easily, unless you try to do it yourself. But for your sake, it would be secure to put a tape on your webcam while web surfing and changing your password erratically.
Over and above, it is your utmost responsibility to frequently make changes to protect your online data and keep yourself secure from such scams.