
Keylogger and Trojan



Rec'd an email saying they had my password (they showed a partial of a pw I used in the past), and said videos I watched would be made public if I didn't pay him with bitcoins (there are no videos except auto racing). He provided a BC account BTW. So I am pretty sure he's bluffing and the only thing that really worries me is his comment about using a keystroke logger. I have Norton Security Suite, I use Dashlane and bought Malwarebytes today after receiving the email this morning. I think it's a scam - he asked for $751.00 (odd number I think). Do I have any reason to be concerned? Is there anything else I should do?


This is purely a scam and they send those emails out en masse hoping one or two bite at the bait.  

Just delete the email and then change your email password to a new Strong Password just to make sure.

Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach.  That is most likely how they had a partial password you had in the past.

https://haveibeenpwned.com/

Please reference:
-----------------
US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
US FTC Consumer Information - How to avoid a Bitcoin blackmail scam
MyOnlinesecurity - attempted-blackmail-scam-watching-porn
BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
Malwarebytes Forum sample thread - Got strange threating email.
Malwarebytes Forum FYI thread - FYI: Email Ransom Scam still current

 

 

Edited by David H. Lipman

No.  Basically it shows that that email address ( or addresses ) were associated with a data breach and that would indicate how this occurred...
" ...saying they had my password (they showed a partial of a pw I used in the past), "

If that password is used anywhere now, please change it to a new Strong Password.

 


David, 

Yes, I have almost changed all my passwords to new, longer, more complex passwords (UP, LC, #'s, Special Chars and 12 digits) so hopefully that door is closed.  I still have a few to check but will be done in the next couple of hours I think.

BTW, am I wrong to think the damage done when companies like Comcast, Experian and other companies with large databases of personal info, is much more damaging to me than me having a password stolen? I would have a hard time finding any company with the ability to do more damage than Experian and while I find the email I received illegal and whoever sent it should go to jail, I suspect Experian and Comcast, etc, did far more damage to me than the email sender. While I have taken steps to protect my passwords and data, I feel like the damage done by Comcast, etc cannot be undone or mitigated. Also, once all that info is in the wrong hands, no amount of Password changing will make up for the SS #'s, mother maiden names, etc will get it off the internet.

While I will follow your suggestions, I'm a bit frustrated because of the above.  Am I wrong?

Thanks


Large companies holding Personally Identifiable Information ( PII ) and their failure to protect that data and/or share that data without your expressed permission is a problem. Limiting your exposure to having a large number of web sites having PII is a start. For example, if you have five doctors that each tell you to create an Internet, web, account, don't do it for any of them. Send companies you have subscriptions and leases with a Right of Privacy and Opt-Out notification. Tell them they are legally bound to protect your data and they are NOT allowed to share that data or collect metadata.

However, a stolen password that is current and can be used at a banking or other financial site or a site that contains PII can lead to Identity Theft and can have greater and more profound consequences.

You stated...
" Also, once all that info is in the wrong hands, no amount of Password changing will make up for the SS #'s, mother maiden names, etc will get it off the internet. "

With fixed data such as a SS#, yes. However, for sites that have challenge questions or ask your mother's maiden name, have them change the information or ask something new. This would go for any compromised challenge question answers.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

Hi Dave,

Yes, one more thing: I was wondering if you could talk a bit about defending against KeyLoggers?  I was pretty sure that email was a scam but the thing I worried about the most was the threat of a keylogger which would track anything I did to defend against the attack.  I don't visit porn sites or download questionable things so I was pretty sure I had avoided a Keylogger, but I was wondering, How would I know for sure?  Will Malwarebytes Premium protect me?


A "Keylogger" is just another form of trojan. One should not think just about this trojan sub-type of malware but should think holistically about the ingress of all sorts of malware. This begins with practicing Safe Hex. That means use Critical Thought about what you see and what is presented to you and ask those all important questions. Understand Social Engineering and how it exploits the human vulnerabilities and emotions. Don't willy-nilly click on URLs. Have Situational Awareness and learn about the threats that were presented Yesterday and are being presented Today. Performing them, and using an anti-malware like MBAM or MBAM coupled with a full anti-virus application, will go a long way in preventing malware from infecting your platform(s).

Yes, MBAM Premium specifically targets, blocks and removes Keylogging trojans.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

This topic is now closed to further replies.