Have you or anyone in your family, friends or colleagues received an email in your inbox from an anonymous individual claiming to have hacked your email account? To prove it they also provide you with a password that you use or used. Further, they go to prove that they have also hacked into your PC, phone and have recorded you visiting illegal websites or performing acts that are considered shameful by society.
If you have not seen or heard of such an email, it is called Email Extortion and simply put it is an attempt to make you pay thousands of dollars through Bitcoin. I wanted to make everyone aware of this as this is a reasonably clever extortion tactic being used to target individuals.
So how is it done? How do they know my password?
There are somethings called Paste Bins on the internet, where hackers paste Username and Passwords. YES, they do. And they do this to prove that they succeeded in hacking something. So, this is where they get your password and email. So, someone who wants to extort money, remain anonymous and does not really have to hack or know any computer hacking can simply type an email such as below and send it out using free email services:
I do know, yhhaabor, is your password. You may not know me and you’re most likely thinking why you’re getting this email, right?
actually, I actually setup a malware on the adult video clips (pornographic material) web site and you know what, you visited this web site to have fun (you know what I mean). While you were watching videos, your web browser began operating as a RDP (Remote Desktop) having a key logger which provided me access to your display and web camera. after that, my software obtained your entire contacts from your Messenger, social networks, and email.
What exactly did I do?
I created a double-screen video. First part shows the video you were viewing (you’ve got a fine taste ; )), and 2nd part displays the recording of your webcam.
What should you do?
Well, I believe, $2900 is a reasonable price for our little secret. You will make the payment through Bitcoin (if you don’t know this, search “how to buy bitcoin” in Google).
So what do you do when you receive such an email?
Change the password to the website that the password (remember, the one that was used in the extortion email) was used.
Take a deep breath and stay calm. Do not reply or try to send Bitcoins. They don’t have anything on you, else they would have sent you some details.
Do a google search for the content, chances are you see tens of websites talking about the same email.
Report it to IC3.gov, see link below.
Also, notify your IT admin like me, or the website provider or service provider of the website.