Blackmail email

[Mulmur]

I just received a typical internet blackmail email from someone claiming to have had access to my macbookpro for a couple of months and that they installed a Trojan to control my webcam, etc., etc. and then instructions for paying a ransom or images, etc. get sent to all my contacts, etc.   I've had the free version of Malwarebytes for some time and just upgraded to the pay version.  OSX.FakeFileOpener is in quarantine but I don't know for how long or when that was put there relative to the hack.  My concern is that the blackmail email came from my own email address suggesting that someone continues to have access, to some extent, to my machine.  And I don't know whether that app in quarantine is the culprit or whether, if the hack predates the installation of Malwarebytes, the trojan, etc., could still be there and undetectable.   Any thoughts would be much appreciated.

[Massimiliano]

Read here

[David H. Lipman]

This is purely a scam and they send those emails out en masse hoping one or two bite at the bait.  

Just delete the email and then change your email password to a new Strong Password just to make sure.

Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach.

https://haveibeenpwned.com/

Please reference:
-----------------
MyOnlinesecurity - attempted-blackmail-scam-watching-porn
BleepingComputers - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
Malwarebytes Forum sample thread - Got strange threating email.

 

[Mulmur]

Thanks very much Dave.  It does seem to be the overwhelming consensus that these things should just be ignored and that would seem obvious except these guys were able to send that email FROM MY OWN email address.  Does that not raise more red flags and suggest that they really do, to some extent, have access to my computer?

[Mulmur]

Should have done more research before that last followup.  It seems that these guys ARE able to send emails that seem to come from the address of the victim but it, in fact, does not and so it  isn't evidence that they still have access to the victim's computer.  Guess I answered my own question!

[David H. Lipman]

The Headers of the email are forged so it looks like the email was sent from your account.

[alvarnell]

And the OSX.FakeFileOpener isn't responsible for anything other than messing with your ability to open files with the correct application. You do need to clear it from Quarantine and possibly restart to stop this from happening, though.

[Hornsj2]

If you have the ability to open your SMTP header for the email you will most likely see (I would bet my house on it) that they are "spoofing" your email address.  There are many different types of these email scams going around now.  Some ask for bitcoin, some tell you to click on a link to see evidence.  If you click on any links you WILL get malware.  

Report this to your email provider or buy a SPAM filter if you run your own server.  

[Hornsj2]

Forgot to mention that it is possible that if your email address and password were taken in a breach they CAN do bad things so as everyone is saying make sure you change your password.  Also, it is a really bad idea to share passwords amongst different sites.  It is a pain to do, but you should have a strong password that is unique to each account you have online.  By the way, these people are stealing not only passwords and email but phone numbers, challenge question answers(think mother's maiden name etc), and other personal information.  None of that is proof they have hacked your device.