Cyber Awareness Article - Sextortion
Patrick Hamilton
CTO Internet 2.0 | Director & Boardmember (US) | Cybersecurity & Technology Expert | Machine Learning & Neural Network Specialist | Financial Institutions & Critical Infrastructure | Solution Architect | CISSP
You may have, or will, come across an email stating that your account was hacked, listing your email address along with an actual password of yours. The attacker also claims that an application was installed to record your webcam and microphone while you supposedly visited certain "naughty sites".
A ransom of some dollar amount, payable in Bitcoin, is demanded within a two-day time frame, or else the recorded information will be released publicly.
This is referred to as Sextortion.
This can happen in two ways: either the email address came from a list of emails used by spammers, or the email address was registered at a website that was breached. If a password is in the email, then it came from a compromised website that held your account information.
What to do?
Basically, delete it. Or make an email rule to send these emails to the junk folder. If you received one, you will be getting more later on. Key phrases recur in these emails, so you can use those phrases as part of the ruleset.
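The key-phrase rule described above, as an added example that is not part of the original article: it junks a message only when several of the traits named earlier (a hacking or password claim, a webcam or microphone claim, a Bitcoin demand, a deadline) appear together. The patterns, threshold, function names and both sample messages are constructed assumptions to tune against the emails you actually receive.

```python
import re
from email import message_from_string
from email.policy import default

# Indicator groups based on the traits the article describes; the exact
# patterns are assumptions, not phrases quoted from real campaigns.
INDICATORS = {
    "compromise_claim": r"\b(hacked|compromised|your password)\b",
    "recording_claim": r"\b(webcam|web cam|camera|microphone)\b",
    "bitcoin_demand": r"\b(bitcoin|btc)\b",
    "deadline": r"\b(\d+|one|two|three)\s*(-\s*)?(days?|hours?)\b",
}
THRESHOLD = 3  # several groups must match, so one word alone never junks a mail

# Constructed sample messages (not real emails).
SCAM = (
    "From: someone@example.com\nTo: you@example.com\n"
    "Subject: Your account was hacked\n\n"
    "I know your password. I recorded you with your webcam.\n"
    "Send $500 in Bitcoin within two days.\n"
)
LEGIT = (
    "From: news@example.com\nTo: you@example.com\n"
    "Subject: Weekly market notes\n\n"
    "Bitcoin fell this week; webcam sales rose.\n"
)


def body_text(msg):
    """Return subject plus text body, lower-cased with whitespace collapsed."""
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part is not None else ""
    if part is not None and part.get_content_subtype() == "html":
        text = re.sub(r"<[^>]+>", " ", text)  # crude tag strip, matching only
    text = f"{msg.get('Subject', '')} {text}"
    return re.sub(r"\s+", " ", text).lower()


def matched_indicators(raw_email):
    """List the indicator groups found in a raw RFC 5322 message."""
    text = body_text(message_from_string(raw_email, policy=default))
    return sorted(n for n, pat in INDICATORS.items() if re.search(pat, text))


def is_sextortion_spam(raw_email):
    """True when enough indicator groups co-occur to send the mail to junk."""
    return len(matched_indicators(raw_email)) >= THRESHOLD
```

Most mail clients can express the same logic as a rule that requires several phrases at once rather than any single one.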
If you have doubts about whether it is true, perform a web search and see if others have posted about receiving such emails.
Currently none of the emails provide any proof other than a password. But even if there is a file attached (as "proof"), do not open it, as this will launch malware and infect your system. And do not click on any links.
Also, there is no means to correspond with the attacker, as the email is spoofed. To check whether your accounts and passwords were compromised, you can visit Have I Been Pwned.
For further reading, I recommend this recent news article from Bleeping Computer: