Jump to content

WARNING! I'm hacked you and stolen you information


Recommended Posts

Hello all

The title is the entry in the subject of an eMail received a few days ago.

The writer wants to find dirty stuff in my system (which can't be true) and spread it all over my contacts.
I should transfer $500 to a Bitcoin account, then he will delete everything and never bother me again.

I don't want to list the complete eMail here.
The complete eMail is about one and a half A4 pages.

Isn't this eMail part of Malwarebytes' job to detect this?

Google has listed me some treats where other users also report about it. Is that not known here?

Looking forward to reply and kind regards

ryma

Link to post
Share on other sites

Yes, the password I changed immediately.

I suspect that I actually clicked on a link a few days ago, but it led to nirvana. The content of the eMail had details about a delivery that I should confirm on a website. And I had a postal package in prospect. But when I clicked on the link, no website was displayed. This has already puzzled me.

Yes, my password was actually listed in the link. Crazy.

Link to post
Share on other sites

This is purely a scam and they send those emails out en masse hoping one or two bite at the bait.  

Just delete the email and then change your email password to a new Strong Password just to make sure.

Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach.

https://haveibeenpwned.com/

Please reference:
-----------------
US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
US FTC Consumer Information - How to avoid a Bitcoin blackmail scam
Bitcoin - Bitcoin Abuse Database
BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites
Malwarebytes' Blog - Sextortion emails: They’re probably not watching you
Malwarebytes Forum sample thread - Got strange threating email.
Malwarebytes Forum FYI thread - FYI: Email Blackmail Scam still current

 

 

  • Thanks 1
Link to post
Share on other sites

51 minutes ago, ryma52 said:

The content of the eMail had details about a delivery that I should confirm on a website. And I had a postal package in prospect. But when I clicked on the link, no website was displayed. This has already puzzled me.

Those package delivery emails are going to be a big concern because all of the online shopping for Christmas. Many are scams and you should not click the links and especially if it has an attachment never open those attachments.

You should always check the merchant you purchased from for any tracking details directly

  • Like 1
Link to post
Share on other sites

  • Root Admin

Here is a snippet from our Tips to help protect your system.

 

Use Password Management software

Bitwarden
KeePass Password Safe

Make sure you use a strong master password
Then set the key transformation settings (the link below helps provide information on how to choose good settings)
https://pthree.org/2016/06/29/further-investigation-into-scrypt-and-argon2-password-hashing
KeePass Password Manager: Full Detailed Setup (good YouTube video on setup and using Keepass but choose the Argon2 method for Key transformation)

Password Managers Compared: LastPass vs KeePass vs Dashlane vs 1Password

https://www.theregister.com/2021/02/25/lastpass_android_trackers_found/

 

 

Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.

  1. https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
  2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
  3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
  4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
  5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
  6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

uBlock Origin

 

Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

 

Thank you for using Malwarebytes

 

  • Thanks 1
Link to post
Share on other sites

One thing I would add (to the advice for changing the password for GMX) is to check your other passwords for other services and if any other services use the same password (or a similar password e.g. mainly the same with just a number change at the end for example) I would urgently change these passwords to something unique and different too.  Many hackers will immediately check other services like paypal and Amazon etc. to see if the password works or a slightly modified version of the password works). 

This is a less common problem these days due to the more widespread use of 2 factor authentication but there is always the exception that proves the rule. Some websites that are weak on security can compromise more secure websites in this manner if you are one of the people who tend to use the same or similar password for multiple sites - not saying you are :-) 

If you don't currently use 2FA on some services then this is worth implementing. It comes in many forms and does vary from website to website.  I personally use a mixture of SMS (to my mobile phone) or Authy authenticator app (if available on a given website).  Many services (like banking) have their own.  Google and Microsoft and Paypal and cloudflare all can be made to work with Authy.

 

Mind you - even authy was targetted a short while back but..   if you follow all the best practices for that service here: https://www.androidpolice.com/authy-hacked-what-to-know/ then you will be 99.999% safe. For example, It is important to setup a backup device and then disable the ability to add new devices. It is a bit of a faff but those interested in high security will find that article interesting. 

 

 

Edited by smipx013
  • Like 2
  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.