Worrying email

Mojisola

I've had an email which has gone straight into spam but the first line quotes one of my passwords - that's worrying.

I haven't opened it.

The address is giandudem.fivkitd.com

Goggling that address doesn't bring up anything.

Apart from changing passwords and not opening the email, any suggestions?

rajeshk4u

Do you use the same password on many sites?

There are a lot of sites, which ask you to register for one thing or another. If one of these has been compromised, that is how they have your password.

dan958

https://haveibeenpwned.com will let you know if you have been involved in any known major data breaches. Just change the password id you are still using it, that is all you need to do.

Ebe_Scrooge

Does the email say something along the lines of "You naughty boy, you've been watching !!!!!!, I remotely controlled your webcam and have got screen shots of you which I'll send to all your friends and family unless you pay me lots of money" ? If so, it's a scam which has been doing the rounds lately.

I don't pretend to understand the technicalities of it, but I gather they've somehow harvested old passwords from years ago. As long as you change your password, or have done so within the last couple of years, don't worry about it.

If you Google for "Spam email knows my password" you'll find any number of articles about it. Here's an example : https://nakedsecurity.sophos.com/2018/07/13/sextortion-scam-knows-your-password-but-dont-fall-for-it/

Ant555

>800million unique email addresses and 21 million unique passwords + any credit card info, bank info, address info, maiden names etc or other tiny pieces of information that may have been stolen over the years are being patched together by the bad guys

As time goes on these small pieces of data are being stitched together into a more refined database that the bad guys can sell.

The better and the more validated the data is - the more money they can sell it for - its worth millions to them (some even say its in the billions) and for this reason its a full time, large scale operation.

Someone has probably bought/rented/stolen/downloaded a list from the bad guys and sent out messages to a huge number of email addresses - plus the bit of password data that they think might be associated with it.

The bad guys hope some people think 'hang on that really is one of my passwords so i am in trouble here' and will then engage with the sender and ultimately pay them money.

So, they have technically got some of your details on a list but thats the same for many millions of others, they dont really know if its valid or not, IF its a password that you still use, or worse, use use the same password on multiple web sites or as your email password itself then change it asap on everything.

Hope this helps

Mojisola

Ebe_Scrooge wrote: »

Does the email say something along the lines of "You naughty boy, you've been watching !!!!!!, I remotely controlled your webcam and have got screen shots of you which I'll send to all your friends and family unless you pay me lots of money" ? If so, it's a scam which has been doing the rounds lately.

I haven't opened the email but, as I haven't been naughty, I'm not worried about this kind of scam.

Ant555 wrote: »

So, they have technically got some of your details on a list but thats the same for many millions of others, they dont really know if its valid or not, IF its a password that you still use, or worse, use use the same password on multiple web sites or as your email password itself then change it asap on everything.

It's not a password I use on anything important but I won't use it again.

Thanks for all the replies - feeling less worried now.