Got A Day Of Hack Email With Your Password? Heres 3 Things To Do Now

Have you received a disturbing email from a hacker with your password? please don’t panic; I’ve got your back.

Has a hacker emailed you your password? here’s what to do next

Reading: Bitcoin email scam password

There is something alarming and surprisingly personal when you receive an email from a hacker who claims to have compromised your computer and has the password to prove it. but he takes a deep breath, not everything is as bad as it seems: this is exactly what you need to do next.

so, did you get an email from a hacker with your password?

The two most common email help requests that land in my inbox are from people who are convinced their smartphone has been hacked and people, mostly women, who have been sent emails by a hacker. an email with your password. of the latter, the emails they speak of seem to have more and more “hack day” in the subject line, along with a password that has, in fact, been used by the recipient.

It’s no surprise that more women than men contact me for help, given that the sender of the email, the alleged hacker, also claims to have compromising video of them due to being able to control their computers and webcams. . yes, we’re talking about sextortion again, a particularly nasty method of trying to extort bitcoin from victims and one that shows no signs of going away any time soon. in fact, these scams seem to have increased a bit during the pandemic, perhaps seeking to take advantage of heightened levels of anxiety that have plagued many of us.

the ‘day of hack’ sextortion threat

See also: Martin Lewis cryptocurrency scams ads continue to be shared on Facebook | The Independent

While sextortion scams evolve and details change over time, the day of the script hack has now become a permanent fixture. so named thanks to the broken English subject line that reads: “I know that [your password] is one of your passwords on the day of the hack.” the password that is cleverly included in the subject line to attract attention and create fear in the recipient is, in fact, a password known to them. Whether you have received a hacked email day or any variation, the handling remains the same. I’ll get to that in a bit, let’s first see how this supposed hacker knows your password in the first place.

Does this hacker really know my password?

The simple answer is yes, they obviously do because it shows up right there in the subject line of the email from the day of the hack. however, it’s a bit more complicated than that, and this doesn’t mean they also have control of your computer, webcam, or email. how is that? well, the first thing to consider is what password do they have? if you only use a small number of passwords repeatedly for different sites and services, it’s likely that the password was found among those stolen during a data breach at one of the services involved. if this is the case, the chances are equally high that you have already been notified of that breach and have been advised to change the password everywhere else you use it as well. unfortunately, this is an all too common practice and one that needs to change: now would be a good time, it must be said. Whatever, if you recognize the password but can’t remember where you used it, check out the excellent, free Have I Be Pwned database to see where passwords associated with your email address have been compromised and exposed. Violation databases are traded on the dark web and cybercrime forums and used by sextortion scammers. your panic is a knee-jerk reaction and the scammer hopes to convince you that he is in control and, even if he isn’t, will pay the money he is asking for. That’s why it’s always important to breathe, move away from the screen and think about what is being said with your logical brain busy.

could this hacker control my email, computer and webcam?

again, yes, they could. but the chances of that being the case are slim. small enough, I’d say, to be thrown away if you’ve received a hack email day. think about it: if the hacker controls your computer, why would they send you an email? Ransomware is easily and cheaply available to cybercriminals and is much more likely to result in an upcoming payment than claiming to have filmed someone masturbating to online porn. in fact, if they had a compromising video, why didn’t they include a small clip as evidence? Surely that would be the way to ensure payment? One victim of this despicable fraud campaign told me that the sender of the email had said that if he wanted proof, he would send a video to eight of his contacts. again, designed to inspire fear, but logically it’s not something that really makes sense when it could have been sent to her. Unless of course they don’t have that video, just the empty threats.

what should I do now?

Keep calm and ignore the so-called “elite hacker” who is just using a scripted email threat. how do I know it’s written? because hundreds of concerned people have sent me copies of the threatening sextortion email over the last year or so. the only thing that changes between one threat and the next is the included password and, probably because bitcoin exchange rates increase so rapidly, the ransom amount that is demanded. the criminal behind the email knows that the average person is not going to respond to a $10,000 (£7,150) demand and is more likely to ignore the email or report it to the police. instead, they calculate that around $1000 (£715) is the sweet spot to get paid.

here are typical excerpts from that script, which may be familiar to you:

“when I was watching videos, your browser started operating as an rdp with a keylogger that gave me access to your screen and webcam.”

See also: 5 Passive Income Crypto Sites for 2022 – The Economic Times

“my malware got all your contacts from your messenger, fb, as well as your email account.”

“I actually dropped malware on the adult porn website and you know what, you came to this site for fun.”

“if I don’t receive the bitcoin, I will definitely send your video recording to all your contacts, including friends and family, co-workers, etc.”

As for what you need to do, it can be summed up in three easy steps

1. if you haven’t already done so, change the account password for any service to which the email applies. if there is more than one, change them all with unique passwords. A password manager makes this easy to do and will result in stronger, more secure passwords that you won’t have to worry about remembering every time you want to log into an account.

2. While you’re changing those passwords, look in the security section of your account settings to see if two-factor authentication (2FA) is an option. if so, then use it. this is, in most cases, through a unique numerical code that is sent securely to a smartphone application. google authenticator and authy are among the most used and recommended. if the only 2fa option is for a code sent by text message (sms), opt-in. It’s not as secure as authenticator apps, but it’s much better than not having 2fa at all.

3. report the email to the relevant authorities. in the usa In the US, you can easily report attempted fraud to the Federal Trade Commission (FTC) here. In the UK, you can forward the email to [email protected], and there’s more on this from the National Cyber ​​Security Center (NCSC) here.

See also: 7 Best Crypto & Bitcoin Gambling Sites 2022 [Huge Bonuses]


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button