Email: I know H4kT3hM@k is your passphrase

I received the following email (see below of the heading "The Email"), which actually have received three of these now and thought best to share it out for interests.

The email at first seems to be scary as an actual (or near identical) password is shown on the subject title. And reading through reading this is of extortion of well, sense this person knows a password of yours, has some compromising video of you, which will be sent out to your contacts.

There is both good news and bad news associated with this. The good news is that this is not true and will be explained below. The bad news is that one of the websites you have registered with was hacked and thus of how this password and email address was obtained. To figure this out, go to "Have I Been Pwned":

Type in your email address and see the results. For example with this email of mine, there were six sites that were breached (only those that are known) and five of those had leaked email and passwords. Fortunately this particular email address of mine I had not used for sensitive sites and the password has changed multiple times since.

However, if this was the prime email address and the current password, well this could become dicey. The first thing to do would be to go to all of the critical sites and immediately change the passwords. I think I would so much create a new email account and have them switch over to that. If possible, check for last login times/dates to confirm no possible unauthorized logins and may want to perform a credit and bank account check. Then once done, go about to the non-important sites and change the passwords.

If there has been awhile since the last change of passwords, then take the opportunity to change them up.

The Email

I know H4kT3hM@k is your passphrase. Lets get straight to point. You don't know me and you are probably thinking why you are getting this e mail? No-one has paid me to investigate you.

actually, I actually installed a malware on the 18+ videos (porno) web site and guess what, you visited this web site to experience fun (you know what I mean). While you were viewing videos, your web browser initiated functioning as a Remote Desktop having a keylogger which gave me access to your display screen as well as web camera. after that, my software program gathered all of your contacts from your Messenger, FB, as well as e-mail . After that I created a double-screen video. 1st part shows the video you were watching (you have a good taste omg), and 2nd part displays the recording of your webcam, yea its u.

You will have two different options. We will study the choices in particulars:

First option is to disregard this email message. In this scenario, I will send out your videotape to every one of your contacts and also imagine concerning the awkwardness you feel. And consequently if you are in a romantic relationship, precisely how it is going to affect?

Latter option would be to give me $5000. We are going to call it a donation. Consequently, I most certainly will instantaneously delete your video recording. You will keep on everyday life like this never took place and you never will hear back again from me.

You will make the payment by Bitcoin (if you don't know this, search for "how to buy bitcoin" in Google).

BTC Address to send to: 18UGCY89NzzcSfoeBTbr1LSMZAUH1MdJXp

[case-sensitive so copy and paste it]

If you have been thinking of going to the authorities, okay, this mail cannot be traced back to me. I have taken care of my actions. I am not attempting to charge a fee much, I simply prefer to be paid for.

You now have one day to make the payment. I have a unique pixel within this e-mail, and right now I know that you have read this mail. If I do not receive the BitCoins, I will definitely send out your video to all of your contacts including members of your family, coworkers, and many others. However, if I do get paid, I will erase the recording right away. If you really want proof, reply with Yes and I will send out your video to your 12 friends. It's a non:negotiable offer, thus please don't waste my personal time & yours by replying to this e mail.

Why This Is A Scam

The good news is this is a scam as can be determined from the following points:

• First is if you have not registered with porn sites to begin with, then this completely bogus.
• Secondly, copy the first line or a key phrase from the email and perform a web search. Most likely others have received it and want to know if it is real or a scam. As in this case, this was sent out to others.
• Now to have the web browser act similar as a Remote Desktop, to allow for an attacker to use commands, activate the webcam and access to the computer is very difficult, nearly impossible, well unless maybe using Internet Explorer... (ok bad joke). Somethings that help with this is having an endpoint protection system that prevents apps from automatically using the webcam (an alert would be generated) and having the webcam disabled by hardware means (or with a sliding cover).
• Where's the beef? If this did indeed was the case of having been 'caught in the act' on the webcam, the scammer would have provided some evidence, such a picture or a link for the video for credibility. Though a scammer could have either file infected and not even of the actual recording.
• The scammers mentions of mailing out video tapes... video tapes, really? Who has a VCR these days? Even if I was caught in the act, none of my contacts has a VCR to watch it. Should have stated a DVR or disc, more plausible there.
• The next is with the demand with Bitcoin ransom. This is rather funny actually. First, Bitcoin is trackable, there are other cryptocurrencies that are not. Secondly, for a person not familiar with Bitcoin (or even so) to buy Bitcoin with physical money usually takes two to five days. For example if to buy Bitcoins through the Coinbase exchange via a bank transfer, will take five days. Third, can review to see if anyone has made transfers to this Bitcoin account by going to a Bitcoin Explorer. An Explorer will display the transactions history of the account. From the three emails I received, not one account has received anything (hurray!). Fourth, the value of Bitcoin (as of this time) is dropping.
• Lastly, the scammer mentions of having a one pixel by one pixel picture in the email for tracking purposes. Such an image would be registered as an attachment, which did not exist and the email system did not state of stripping out any files.

I have noticed that my ransom has been going up, original was $2,900; now at $5,000. Maybe will get to $10,000 soon.