If you receive an email similar to this BEWARE! You are being targetted by a scammer in an attempt to either obtain money or information from you.
Subject: [BULK] password (j19672) for jmunoz@.com is compromised
I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from jmunoz@ on moment of hack: @#$#@Jja
Of course you can will change it, or already changed it.
But it doesn’t matter, my malware updated it every time.
Do not try to contact me or find me, it is impossible, since I sent you an email from your account.
Through your email, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a Trojan on your device and long tome spying for you.
You are not my only victim, I usually lock computers and ask for a ransom.
But I was struck by the sites of intimate content that you often visit.
I am in shock of your fantasies! I’ve never seen anything like this!
So, when you had fun on piquant sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I combined them to the content of the currently viewed site.
There will be laughter when I send these photos to your contacts!
BUT I’m sure you don’t want it.
Therefore, I expect payment from you for my silence.
I think $830 is an acceptable price for it!
Pay with Bitcoin.
My BTC wallet: 1JTtwbvmM7ymByxPYCByVYCwasjH49J3Vj
If you do not know how to do this – enter into Google “how to transfer money to a bitcoin wallet”. It is not difficult.
After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system.
My Trojan have auto alert, after this email is read, I will be know it!
I give you 2 days (48 hours) to make a payment.
If this does not happen – all your contacts will get crazy shots from your dark secret life!
And so that you do not obstruct, your device will be blocked (also after 48 hours)
Do not be silly!
Police or friends won’t help you for sure …
p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.
I hope for your prudence.
Testing for Spam or Phishing Emails/Notices
- Google, Microsoft, Apple, HP, Lenovo, Dell, etc will NEVER call or email you about your computer being “compromised”
- If the email has a link hover over it with your mouse and a window will pop up showing where the link actually goes (the text in the email doesn’t always match) if they don’t match be wary. Also keep a close eye on the TRUE web address; microsoft.com and mlcrosoft.com look awfully alike at a quick glance but the 2nd example the I in the name is actually an L.
- Is the grammar and spelling especially poor? An error or two could be legitimate but a message that is almost difficult to read is most likely spam
- Is there an offer that sounds too good to be true? It IS!
- If the email is warning you of a problem noticed on your computer and you are NOT signed up with a company that is monitoring that for you then don’t believe it.
If You Have Allowed Someone Access to your PC
- Shut down the computer IMMEDIATELY and disconnect it from ALL internet access
- Have a TRUSTED technician review the system for leftover malware. Often these scammers will leave little Trojan Horse software (that’s where we get the name trojans when referring to malicious software) that allows them either access to your PC, or captures your keypresses and sends the info back to them. Ideally the technician will remove the hard drive from your machine and test/scan it in a known clean machine to locate and remove these unwanted programs.
- Change ALL of your critical online passwords (bank and financial institutions, online shopping sites, etc). If you wouldn’t give the password to a close friend then change that password. Even sites like Netflix could allow them to gather enough info about you to give them a head start in gaining access to your more critical accounts.
- Keep an eye on all of your financial accounts and be alert to any random charges. Even if for a small amount it could be the hacker “testing” the info they’ve obtained.
Minimize Your Chances of Being Targetted
- Use a password management tool. LastPass is the one I typically recommend. It has plug-ins for your computer that will automatically log you in. It will also generate completely random passwords for you. You simply remember the main password and it does the rest.
- Never click on a link in any email, even that one you receive from Aunt Sally unless Aunt Sally specifically told you she was emailing you a link. Instead open your browser and type in the website mentioned in the email. It can be a pain but then again so is having your identity stolen.
- Never allow anyone you have not either met personally or can be 100% certain they are who they say they are, connect to your computer. 1% of doubt is too much.
Some Links to Check Your Online Info/Status
Check your email address: https://haveibeenpwned.com/
What Facebook knows about you: https://www.facebook.com/ads/preferences
What Google knows about you: https://adssettings.google.com/authenticated
Where Google knows you’ve been: https://www.google.com/maps/timeline?pb
What have you been doing online: https://myactivity.google.com/myactivity
See more in this article by CNBC: https://www.cnbc.com/2017/11/20/what-does-google-know-about-me.html