Blackmail Email which contained a password 20 July 2018 at 7:17PM edited 30 November -1 at 1:00AM in Techie Stuff 21 replies 20.5K views

simpywimpy

I have this evening had a threatening email on my Hotmail account which in the subject title contained my old password that I probably still have on old sites I no longer use.

It states that they have accessed my computer while I have been looking at !!!!!! sites, have videos off me, all my personal contacts and unless I sent them $2900 will send this off to everyone I know.

I have security scanned my pc and found nothing.

What should I do to protect myself? They have obviously got my password from somewhere

robinwales

Don't panic. It's all over the news. Mine was an old password so no harm. The news outlets are saying they got hold of an old data list, probably a couple of years ago. My password was from at least a year ago. Change your main passwords immediately, especially email, Google account, Paypal, and banks if they use the compromised password, and don't use that password for anything else. You also need to use 2-step verification on Google and Amazon, and any other site that has it. If you have that, anyone who gets your current password also needs your phone. I use the same password for Amazon, Google, and Paypal, and I don't use the password for anything else, but others may advise differently.

They are calling this a scam, but it's plain and simple BLACKMAIL, for which there can be a pretty severe prison sentence. They are the lowest form of scumbags. Do NOT pay any money, and do not reply to them. And do not click on any links or attachments in the email.

dj1471

It's common. If you have a search here you can probably see how they got the password:
https://haveibeenpwned.com/

simpywimpy

Im usually pretty savvy with scams and hoax emails etc but because the password was in the subject line it made me feel sick.

It was all lower case so definitely an old one

Thank you for putting my mind at rest.

forgotmyname

How accurate is that website? I have a few email addresses that i use for spam and 2 are showing, one is myspace which i know about.

But it also shows daily motion, i know 100% i have never registered on that site.

River city media? Never heard of that one.

Brookside88

My boss got the same email

Grumpygit

Yeh, got one of these myself last night.


A correct password but on an email account that I don't really use and certainly not for the sites it mentions.


Definitely time to change all passwords i think

Linus2864

This seems to be the latest phishing attempt.


I had one this morning and twigged it was likely to have been a phishing attempt when I realised that my life is so boring, no one in their right mind would want to record me . . .


The Action Fraud website has more details:


https://www.actionfraud.police.uk/news/alert-cyber-criminals-send-victims-their-own-passwords-in-new-sextortion-scam-jul18


You can safely delete the e-mail or report it to Action Fraud, but definitely don't reply to it.


Actually, they wanted $9000 off me, so my life can't be that tedious.


Hope this helps


L

John_Gray

It can't be a cool phishing/blackmail scam, because cool attempts would always ask for payment in bitcoins.

AndyPix

robinwales wrote: »

Don't panic. It's all over the news. Mine was an old password so no harm. The news outlets are saying they got hold of an old data list, probably a couple of years ago. My password was from at least a year ago. Change your main passwords immediately, especially email, Google account, Paypal, and banks if they use the compromised password, and don't use that password for anything else. You also need to use 2-step verification on Google and Amazon, and any other site that has it. If you have that, anyone who gets your current password also needs your phone. I use the same password for Amazon, Google, and Paypal, and I don't use the password for anything else, but others may advise differently.

They are calling this a scam, but it's plain and simple BLACKMAIL, for which there can be a pretty severe prison sentence. They are the lowest form of scumbags. Do NOT pay any money, and do not reply to them. And do not click on any links or attachments in the email.

^^ Great post


OP don't worry .
What has happened here is some bright spark has though of a way to utilise an old dataset that is otherwise useless because it is so out of date ..
Quite clever really in a scummy sort of way ..


They know the password is no longer current but have correctly thought of the idea that instead of trying to use it to log on to your stuff, they can use it to scare you into thinking that what they are saying is true, and that they do have videos of you etc ..


They don't - but I bet they earn a pretty penny out of this one ..


I have been questioned about this one many times over the last week or so

dealer_wins

Hope they had a 100x zoom lense for my video lol