Cyber Criminals are always looking for new ways into your pocketbook. Most people would like to think this is always done through sophisticated methods of infiltrating your systems by using software exploits and is completely out of your control. The sad truth is that a large majority of Cyber Crime is committed by exploiting people – not systems! Criminals are using classic con-methods to get you to willingly give up your information, or even worse, make a direct payment to them!
More...
So what are the criminals up to now?
We have had several concerned people reach out in the past 48 hours about an alarming email they have received from a supposed hacker. This Hacker (we’ll call them Doti) has stolen people’s password with sophisticated malware and is demanding a BitCoin payment of ~$2,000 USD in 24 hours or else they will release an embarrassing video they took from your webcam the last time you were visiting pornography websites. Doti even includes “proof” in the subject and first sentence of the email by including a password of yours.
But, they have my password. This must be legit!!
The reason this is alarming to most is because the password Doti includes either is a current password, or a password that they have used in the past. Here is a copy of the email going around:
Let’s look at some of the facts about this scam and how it works:
- 1Someone you don’t know sends you an email that has a password you are familiar with in the subject line. This will peak your attention and likely get you to open and read the email.
- 2They are claiming to have gotten your password by breaking into your computer/phone/etc with sophisticated malware. This alleged malware has already been put on your computer and has recorded you from your webcam.
- 3Doti is giving you 24 hours to make a payment via BitCoin or an embarrassing video is going to be sent to friends, co workers, parents, or someone else to further humiliate you.
"Fact" #1 - They have your password:
According to several studies ~39% of Americans use the same password or password scheme for just about everything that requires a password. This is done to make life easier, but it also makes the job easier for Cyber Criminals to steal from you. Criminals are aware of this statistic and use it to their advantage!
"Fact" #2 - They have used Malware:
This is a false claim! Hackers like Doti have actually used the Dark Web to find your email address and a password. Doti is NOT using sophisticated malware!
Because Doti has not used malware for this he does not have a video of you, nor a contact list of your friends, family, co-workers, etc as claimed.
"Fact" #3 - You have 24 hours to respond:
Doti is trying to scare you with false proof (your password) and give you a short deadline to avoid embarrassment (via the alleged video of you).
OK Smartypants, what do I do if I'm still concerned?!
First off, DO NOT SEND MONEY TO HACKERS/SCAMMERS TRYING TO EXTORT YOU! By doing this you are furthering the cause of this person or the group they work for. It is important to note that this is an actual email from a real person, not a robot or some sort of AI.
Second, you can always give us a call and we can help you figure out if there is a reason to be concerned. That is how we learned of this scam in the first place!
Third, follow best practices. Here are 5 things you can do today that will help eliminate this type of threat:
- 1Employ an email filtering system. It will keep this type of scam message out of your inbox.
- 2Know about the Dark Web and what information it contains about you!
- 3Don’t use the same password or password scheme for everything, and employ a password vault to remember passwords.
- 4Turn on Two Factor Authentication (TFA) for everything. In the event someone does steal your password(s) you need another layer of defense. Two Factor Authentication will notify you if someone is trying to access one of your accounts.
- 5Work with an IT Partner that can do these things for you!
These types of scams aren't going away. In fact it seems that they become more prevalent every day with some new twist or way to trick you into falling for it. Keeping your head in the sand around how to deal with these things is not a good strategy! Working with an IT Partner like BITS can help you sleep at night knowing that you are protected from these types of scams. Contact Us Today if you need a little peace of mind!