Advise what to do after receiving email from Hacker trying to extort money

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Topic Author
simpleliving1
Posts: 49
Joined: Wed Nov 27, 2019 9:55 am

Advise what to do after receiving email from Hacker trying to extort money

Post by simpleliving1 »

BHs.

Last evening DW received an email from Hacker threatening her to transfer $1000 in BTC, else they will turn her life upside down by sharing sensitive information about her to public. This email subject line contains the list of her current passwords and in the text, they mentioned they have installed a virus on her laptop and now they have access to all of her information. DW thinks this might have happened because she recently installed ZOOm video conferencing software on her laptop recently.

Since then we have changed the password of her and mine email, financial institutes and every single possible online account we can think of. Formatted the Windows on laptops and deleted any account that we are not currently using.
Please advise us what else we could do? Can we report this incident to someone to help stop it happening to others?


P.S. We change the passwords to our account every 90 days and passwords are very strong according to the websites. We also have the subscription to LifeLock plus identity theft protection through my employer.
User avatar
ResearchMed
Posts: 10673
Joined: Fri Dec 26, 2008 11:25 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by ResearchMed »

simpleliving1 wrote: Thu Apr 16, 2020 9:07 am BHs.

Last evening DW received an email from Hacker threatening her to transfer $1000 in BTC, else they will turn her life upside down by sharing sensitive information about her to public. This email subject line contains the list of her current passwords and in the text, they mentioned they have installed a virus on her laptop and now they have access to all of her information. DW thinks this might have happened because she recently installed ZOOm video conferencing software on her laptop recently.

Since then we have changed the password of her and mine email, financial institutes and every single possible online account we can think of. Formatted the Windows on laptops and deleted any account that we are not currently using.
Please advise us what else we could do? Can we report this incident to someone to help stop it happening to others?


P.S. We change the passwords to our account every 90 days and passwords are very strong according to the websites. We also have the subscription to LifeLock plus identity theft protection through my employer.
Can you post the first few sentences (omit any personal ID/etc.)?
These are usually "scammy scams"... that is, they are FAKE. They usually did not do what they said they did (install a malware) or what they say they will do (share private info or nasty photos).
They usually just hope some will be scared enough to send the money.

Hopefully, the wording will match what many of us have been receiving - and ignoring.

RM
This signature is a placebo. You are in the control group.
Afty
Posts: 1407
Joined: Sun Sep 07, 2014 5:31 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Afty »

This is a current scam. They found your wife's password in a password dump. They don't have any actual sensitive information nor did they install anything on your laptop. Just ignore it.

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
carolinaman
Posts: 4351
Joined: Wed Dec 28, 2011 9:56 am
Location: North Carolina

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by carolinaman »

I had a similar threat a few months ago. Someone gained access to a check that I had written a year earlier, they had my email address and cell phone number. They sent me an email claiming to have all sorts of information but that seemed to be a bluff. We immediately changed our checking account, which was painful due to all the auto deposits and payments, but they never attempted to pull money from our account. They demanded a fraction of a bitcoin in a later text.

I reported it to the company who I had sent the check to. They never told me anything but I saw a news story later that said there was some disgruntled employee of this company whose purpose was to embarrass the company by disclosing this info to customers.

Your situation is different because the hacker has apparently gained access to your wife's computer. It sounds like you are doing the right things. If I were you, I would inform your bank of this. They may require that you change accounts, which is a hassle, but may be the right step to take. If you inform the bank, this covers you in case some bad actor pulls money from your account. I could be wrong, but I do not think someone needs your password to pull money from a checking account. Good luck!

The more I hear about Zoom, the more I think I am going to avoid using it.
User avatar
Peculiar_Investor
Posts: 1608
Joined: Thu Oct 20, 2011 12:23 am
Location: Staying home - Calgary, AB
Contact:

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Peculiar_Investor »

simpleliving1 wrote: Thu Apr 16, 2020 9:07 am This email subject line contains the list of her current passwords and in the text,
You can check Have I Been Pwned: Check if your email has been compromised in a data breach to see if your email addresses have been compromised.

As others have mentioned this scam email seems to go in regular circulation with slight variations. My favorite is the one that tells me my machine is compromised and they've got video from my web camera to prove it. Problem is, my computer doesn't have a web cam.
Normal people… believe that if it ain’t broke, don’t fix it. Engineers believe that if it ain’t broke, it doesn’t have enough features yet. – Scott Adams
Silk McCue
Posts: 4806
Joined: Thu Feb 25, 2016 7:11 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Silk McCue »

It's just a bluff scam. No need to do anything more with this beyond what you have already done.

Cheers
User avatar
Will do good
Posts: 1023
Joined: Fri Feb 24, 2012 8:23 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Will do good »

I have those emails for months, at time 3-4 a day. They all post one old password I used to use years ago, they also claim they hack my computer and video camera and watch me do illegal stuff, if I don't pay them they will turn me in or shame me to my family and friends. :twisted:

Don't respond, make sure all your online accounts have new, long and different passwords and you should be fine.
mhalley
Posts: 8417
Joined: Tue Nov 20, 2007 6:02 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by mhalley »

Changing passwords frequently us actually less safe than having a very strong password and sticking with itm
User avatar
Clever_Username
Posts: 1748
Joined: Sun Jul 15, 2012 12:24 am
Location: Southern California

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Clever_Username »

This is a common scam. Many websites are garbage at storing passwords, and hackers can get the list. Then they email you, say they have your password, and scare people who think the only way someone got that is whatever they scared you with.

One thing useful from the email: make sure you aren't still using any of those passwords, or easy derivatives of those. When you sign up for a new forum, use a burner password and immediately reset (use the "forgot password" feature). If your password gets emailed to you in plaintext, beware. There's no reason for a website to store your password in plaintext. This forum does password protection correctly -- or, at the very least, I know it isn't in plaintext.
"What was true then is true now. Have a plan. Stick to it." -- XXXX, _Layer Cake_ | | I survived my first downturn and all I got was this signature line.
Hogan773
Posts: 575
Joined: Thu May 07, 2015 11:14 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Hogan773 »

[OT comment removed by admin LadyGeek] That is usually the email I get. It has some password I've used for some random forum like Honda forums or whatever, and then it proceeds to tell me that they activated my webcam while I was pleasuring myself looking at adult sites and they will send that video to all my contacts. They remind me in their broken English "oh the shame you will surely feel, and oh to just think about what your wife and children will do now, you will lose everything" and on and on

Just ignore it and delete the email.
Topic Author
simpleliving1
Posts: 49
Joined: Wed Nov 27, 2019 9:55 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by simpleliving1 »

Thank you, everyone, for inputs.
Here is the actual text
"Pay $1000 in btc to the down below address (remove***from it):

bc1***qwc5ldj8h25adqfwlhsvlwn29pu62h2d6p46f9l

You may be wondering why the heck would you do that? Very well, put together yourself simply because I am going to move your entire world today. I had a threatening spyware infect your pc and also record movie of YOU (using your webcam) while you looked at 'adult' websites.

Here's one of your password ........

Nonetheless don't believe me? Reply 7 and I'll be randomly share your video clip with 7 people you recognize (Yes, I have got access to your address book as well).

At this moment, what do I want to get this to entire thing vanish? Well, I have already described the actual offer in beginning of the e-mail. Should you not fulfill it within Twenty-four hrs, I most certainly will create your life terrible by sending that video clip to Every person you know. Your time starts right now."

As advised She won't be using those passwords anymore and will not share the same passwords across other platforms. We will ignore the email. One user listed to the link to find if an email address was pwned, I found both her and my primary email address are pwned 6 and 8 times.
User avatar
SmileyFace
Posts: 5702
Joined: Wed Feb 19, 2014 10:11 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by SmileyFace »

As a Scam email it has the obligatory bad English in it I see:

"will create your life terrible"

My life was already created many decades ago. Jury is still out on whether it was created terrible or not.
Hogan773
Posts: 575
Joined: Thu May 07, 2015 11:14 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Hogan773 »

simpleliving1 wrote: Thu Apr 16, 2020 2:37 pm Thank you, everyone, for inputs.
Here is the actual text
"Pay $1000 in btc to the down below address (remove***from it):

bc1***qwc5ldj8h25adqfwlhsvlwn29pu62h2d6p46f9l

You may be wondering why the heck would you do that? Very well, put together yourself simply because I am going to move your entire world today. I had a threatening spyware infect your pc and also record movie of YOU (using your webcam) while you looked at 'adult' websites.

Here's one of your password ........

Nonetheless don't believe me? Reply 7 and I'll be randomly share your video clip with 7 people you recognize (Yes, I have got access to your address book as well).

At this moment, what do I want to get this to entire thing vanish? Well, I have already described the actual offer in beginning of the e-mail. Should you not fulfill it within Twenty-four hrs, I most certainly will create your life terrible by sending that video clip to Every person you know. Your time starts right now."

As advised She won't be using those passwords anymore and will not share the same passwords across other platforms. We will ignore the email. One user listed to the link to find if an email address was pwned, I found both her and my primary email address are pwned 6 and 8 times.
Weird

I just got some email with a .MOV attachment about you. Looks like someone was having "fun" that day haha
mptfan
Posts: 6204
Joined: Mon Mar 05, 2007 9:58 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by mptfan »

Hogan773 wrote: Thu Apr 16, 2020 10:13 am Just ignore it and delete the email.
+1
mptfan
Posts: 6204
Joined: Mon Mar 05, 2007 9:58 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by mptfan »

DaftInvestor wrote: Thu Apr 16, 2020 2:40 pm As a Scam email it has the obligatory bad English in it I see:

"will create your life terrible"
There is so much poor grammar in that email I don't know where to begin.
yules
Posts: 178
Joined: Wed Nov 27, 2019 10:31 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by yules »

simpleliving1 wrote: Thu Apr 16, 2020 9:07 am BHs.

Last evening DW received an email from Hacker threatening her to transfer $1000 in BTC, else they will turn her life upside down by sharing sensitive information about her to public. This email subject line contains the list of her current passwords and in the text, they mentioned they have installed a virus on her laptop and now they have access to all of her information. DW thinks this might have happened because she recently installed ZOOm video conferencing software on her laptop recently.

Since then we have changed the password of her and mine email, financial institutes and every single possible online account we can think of. Formatted the Windows on laptops and deleted any account that we are not currently using.
Please advise us what else we could do? Can we report this incident to someone to help stop it happening to others?


P.S. We change the passwords to our account every 90 days and passwords are very strong according to the websites. We also have the subscription to LifeLock plus identity theft protection through my employer.
Dear OP,

1) The hacker only wants $1000? He or she works cheap!
2) If the hacker really has access to everything on the laptop, wouldn’t it be easier for the hacker just to transfer the $1000 by him or herself? Or lie in wait and use a key logger to get the log in information for all your sites? Why would the hacker subcontract this scam out to the victims themselves?

Good luck!
Yules
jjface
Posts: 3071
Joined: Thu Mar 19, 2015 6:18 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by jjface »

Afty wrote: Thu Apr 16, 2020 9:21 am This is a current scam. They found your wife's password in a password dump. They don't have any actual sensitive information nor did they install anything on your laptop. Just ignore it.

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
Exactly. Most scams send out generic possibilities and hope they will sound true to someone. Eg I caught you cheating and have it on video. Well if you send it to 20,000 people chances are some have actually been cheating so may get scared but the scammer doesn't have anything in particular on them. Or I send an email to all bogleheads titlted I caught you market timing in March send me $1000 or I'll tell. I may make some money off that :D

Ignore it. Unless you are a high risk target you won't be targeted personally. Most likely it is a fishing expedition sent to millions. My wife recieved something similar actually. Spelling and grammar are usually bad. Don't ever click on links.
User avatar
Michael Patrick
Posts: 131
Joined: Wed Dec 19, 2018 10:25 am
Location: Madison, WI

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Michael Patrick »

I've gotten the porn scam emails, where they say the hacked my camera and caught me surfing porn, etc. And they included an old password (from a guitar forum that had recently shut down) to make it seem authentic.

But my desktop doesn't have a camera and I put blue painters tape over the camera on my laptop after seeing a story about how the cameras can be hacked. A quick Google search confirmed that it is a rather common scam. I just deleted the email.
Hogan773
Posts: 575
Joined: Thu May 07, 2015 11:14 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Hogan773 »

jjface wrote: Thu Apr 16, 2020 2:49 pm
Afty wrote: Thu Apr 16, 2020 9:21 am This is a current scam. They found your wife's password in a password dump. They don't have any actual sensitive information nor did they install anything on your laptop. Just ignore it.

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
Exactly. Most scams send out generic possibilities and hope they will sound true to someone. Eg I caught you cheating and have it on video. Well if you send it to 20,000 people chances are some have actually been cheating so may get scared but the scammer doesn't have anything in particular on them. Or I send an email to all bogleheads titlted I caught you market timing in March send me $1000 or I'll tell. I may make some money off that :D

Ignore it. Unless you are a high risk target you won't be targeted personally. Most likely it is a fishing expedition sent to millions. My wife recieved something similar actually. Spelling and grammar are usually bad. Don't ever click on links.
I only have one conclusion from all this

Everyone's wives need to stop looking at so much porn.....
Murr
Posts: 11
Joined: Fri Mar 24, 2017 2:33 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Murr »

I received the same email yesterday. It was pretty believable at first but the password they had was old, lots of spelling errors and sounded like a 10 year old wrote it. Apparently it's been around for a while but this one came from a legit looking outlook email address and didn't get caught in the spam filter which made me think twice about it at first.
User avatar
JoMoney
Posts: 9766
Joined: Tue Jul 23, 2013 5:31 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by JoMoney »

I can't help but think about all the attention seeking Internet 'viral video' wanna-be's licking toilet seats (and much much worse) TRYING to get attention. How several untalented "famous for being famous" people had sex videos "leaked" on the Internet that got them their start. There would be a certain hilarious irony if the threat was real, and the "hacker" despite their attempt to shame and extort someone, unintentionally propelled their victim into riches and stardom :D
"To achieve satisfactory investment results is easier than most people realize; to achieve superior results is harder than it looks." - Benjamin Graham
User avatar
anon_investor
Posts: 3464
Joined: Mon Jun 03, 2019 1:43 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by anon_investor »

Michael Patrick wrote: Thu Apr 16, 2020 2:53 pm I've gotten the porn scam emails, where they say the hacked my camera and caught me surfing porn, etc. And they included an old password (from a guitar forum that had recently shut down) to make it seem authentic.

But my desktop doesn't have a camera and I put blue painters tape over the camera on my laptop after seeing a story about how the cameras can be hacked. A quick Google search confirmed that it is a rather common scam. I just deleted the email.
Haha I got one of those emails too, pretty easy to tell it's a scam. Also, the instructions to send bitcoin are too complicated for me, which is silly, the people that might fall for the scam probably couldn't even figure out the payment instructions. I wonder how many people fall for these?
Topic Author
simpleliving1
Posts: 49
Joined: Wed Nov 27, 2019 9:55 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by simpleliving1 »

Hogan773 wrote: Thu Apr 16, 2020 2:54 pm
jjface wrote: Thu Apr 16, 2020 2:49 pm
Afty wrote: Thu Apr 16, 2020 9:21 am This is a current scam. They found your wife's password in a password dump. They don't have any actual sensitive information nor did they install anything on your laptop. Just ignore it.

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
Exactly. Most scams send out generic possibilities and hope they will sound true to someone. Eg I caught you cheating and have it on video. Well if you send it to 20,000 people chances are some have actually been cheating so may get scared but the scammer doesn't have anything in particular on them. Or I send an email to all bogleheads titlted I caught you market timing in March send me $1000 or I'll tell. I may make some money off that :D

Ignore it. Unless you are a high risk target you won't be targeted personally. Most likely it is a fishing expedition sent to millions. My wife recieved something similar actually. Spelling and grammar are usually bad. Don't ever click on links.
I only have one conclusion from all this

Everyone's wives need to stop looking at so much porn.....
:D :D
Topic Author
simpleliving1
Posts: 49
Joined: Wed Nov 27, 2019 9:55 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by simpleliving1 »

anon_investor wrote: Thu Apr 16, 2020 2:59 pm
Michael Patrick wrote: Thu Apr 16, 2020 2:53 pm I've gotten the porn scam emails, where they say the hacked my camera and caught me surfing porn, etc. And they included an old password (from a guitar forum that had recently shut down) to make it seem authentic.

But my desktop doesn't have a camera and I put blue painters tape over the camera on my laptop after seeing a story about how the cameras can be hacked. A quick Google search confirmed that it is a rather common scam. I just deleted the email.
Haha I got one of those emails too, pretty easy to tell it's a scam. Also, the instructions to send bitcoin are too complicated for me, which is silly, the people that might fall for the scam probably couldn't even figure out the payment instructions. I wonder how many people fall for these?
I was also wondering how many people fall for this kind of scam given the instructions to send bitcoins are very complicated and most of folks do not even own bitocoins,
yules
Posts: 178
Joined: Wed Nov 27, 2019 10:31 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by yules »

Hogan773 wrote: Thu Apr 16, 2020 2:54 pm
jjface wrote: Thu Apr 16, 2020 2:49 pm
Afty wrote: Thu Apr 16, 2020 9:21 am This is a current scam. They found your wife's password in a password dump. They don't have any actual sensitive information nor did they install anything on your laptop. Just ignore it.

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
Exactly. Most scams send out generic possibilities and hope they will sound true to someone. Eg I caught you cheating and have it on video. Well if you send it to 20,000 people chances are some have actually been cheating so may get scared but the scammer doesn't have anything in particular on them. Or I send an email to all bogleheads titlted I caught you market timing in March send me $1000 or I'll tell. I may make some money off that :D

Ignore it. Unless you are a high risk target you won't be targeted personally. Most likely it is a fishing expedition sent to millions. My wife recieved something similar actually. Spelling and grammar are usually bad. Don't ever click on links.
I only have one conclusion from all this

Everyone's wives need to stop looking at so much porn.....
Or maybe we should destigmatize porn, to the point that it society does not consider it a shameful activity. Then, these hackers may as well also show all my friends a video of me mowing my lawn, eating pizza, or changing a lightbulb.

Yules
Jim Beaux
Posts: 108
Joined: Sun Jul 23, 2017 4:29 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Jim Beaux »

Unlax. The dumbo would have shown you more evidence than the PW if he had more. Here ya go.

'Apr 10, 2020
Sextortion emails and porn scams are back – don’t let them scare you!

We’ve seen a recent surge of concern about sextortion emails over the last few days.'

https://nakedsecurity.sophos.com/2020/0 ... scare-you/

****

' July 13, 2018

The most likely explanation is that they’re passwords stolen in one of the many large data breaches that have occurred over the last decade. Passwords exposed by events like the 2012 LinkedIn breach are packaged up by criminals and sold and resold in their millions, even years after the event.

That’s because some data breaches take years to be discovered, and because the crooks know they can still get lucky with your password, even if you’ve changed it since the breach.

That’s because many of us like to reuse the same password over and over again, on lots of different sites. So, if a crook gets hold of a password you used for one website they’re likely to try it on other websites you might use, or sell it to somebody else who will – which is why you should never use the same (or similar) passwords on different sites.'

https://nakedsecurity.sophos.com/2018/0 ... ll-for-it/
Jim Beaux
Posts: 108
Joined: Sun Jul 23, 2017 4:29 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Jim Beaux »

JoMoney wrote: Thu Apr 16, 2020 2:55 pm I can't help but think about all the attention seeking Internet 'viral video' wanna-be's licking toilet seats (and much much worse) TRYING to get attention. How several untalented "famous for being famous" people had sex videos "leaked" on the Internet that got them their start. There would be a certain hilarious irony if the threat was real, and the "hacker" despite their attempt to shame and extort someone, unintentionally propelled their victim into riches and stardom :D
Not with my 'nekkid' pics 8-)
02nz
Posts: 5555
Joined: Wed Feb 21, 2018 3:17 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by 02nz »

I think what you did is enough. As others have noted they probably found a dump of your passwords. But if they actually had login information they could use to access your funds, they would have already done that (and without letting you know, obviously!), rather than this rather pathetic attempt to blackmail you into sending them money.
SnowBog
Posts: 319
Joined: Fri Dec 21, 2018 11:21 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by SnowBog »

Email is a scam, delete it and don't think about it.

But if someone hasn't mentioned it yet, strongly enable two-factor authentication everywhere possible. Even "strong" passwords can be compromised. Two-factor authentication adds another layer, which needs to be bypassed to gain access. It also can give you notice when someone is attempting to gain access, as you'll get 2FA requests tipping you off...

Most services have some form of 2FA they support. While not the most secure option, one time codes sent to text messages are ubiquitous. At the other end, some sites/services support physical security keys. Leverage what you can!

This recommendation has nothing to do with the email you received. Everyone should enable and use 2FA. The sooner passwords "die" the better for all of us...
yohac
Posts: 387
Joined: Sat Sep 01, 2018 1:42 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by yohac »

simpleliving1 wrote: Thu Apr 16, 2020 2:37 pm I had a threatening spyware infect your pc and also record movie of YOU (using your webcam) while you looked at 'adult' websites.

Should you not fulfill it within Twenty-four hrs, I most certainly will create your life terrible by sending that video clip to Every person you know. Your time starts right now."
All that means is they saw Black Mirror.
Jim Beaux
Posts: 108
Joined: Sun Jul 23, 2017 4:29 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Jim Beaux »

SnowBog wrote: Thu Apr 16, 2020 4:49 pm Email is a scam, delete it and don't think about it.

But if someone hasn't mentioned it yet, strongly enable two-factor authentication everywhere possible. Even "strong" passwords can be compromised. Two-factor authentication adds another layer, which needs to be bypassed to gain access. It also can give you notice when someone is attempting to gain access, as you'll get 2FA requests tipping you off...

Most services have some form of 2FA they support. While not the most secure option, one time codes sent to text messages are ubiquitous. At the other end, some sites/services support physical security keys. Leverage what you can!

This recommendation has nothing to do with the email you received. Everyone should enable and use 2FA. The sooner passwords "die" the better for all of us...
+1
Good point. Another suggestion - when possible, instead of your real name, use a series of numbers & letters as the user name. In effect, this gives you 2 PW's. (very easy if using a PW vault) I use this setup on the VG website, as well as 2 factor.
User avatar
arcticpineapplecorp.
Posts: 6185
Joined: Tue Mar 06, 2012 9:22 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by arcticpineapplecorp. »

DaftInvestor wrote: Thu Apr 16, 2020 2:40 pm As a Scam email it has the obligatory bad English in it I see:

"will create your life terrible"

My life was already created many decades ago. Jury is still out on whether it was created terrible or not.
that's funny.

when I read the following:
Very well, put together yourself simply because I am going to move your entire world today.
I couldn't figure out how to "put together myself". Do they mean pull your self together?

when they say they are going to "move your entire world today" do they mean "rock your world"?

If they would just say they want money to take English speaking classes, I'd be more forgiving.
It's "Stay" the course, not Stray the Course. Buy and Hold works. You should really try it sometime. Get a plan: www.bogleheads.org/wiki/Investment_policy_statement
User avatar
windaar
Posts: 416
Joined: Thu Mar 08, 2012 7:31 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by windaar »

This happened to me too - The source was a breach of LinkedIn - They keep sending my old LinkedIn password to the email that was attached to it with all kinds of lurid threats. Funny, I left LinkedIn years ago because they kept spamming my contacts.
Nobody knows nothing.
terran
Posts: 1699
Joined: Sat Jan 10, 2015 10:50 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by terran »

I agree this probably isn't legit, but I wonder why people think poor grammar is an indication of an illegitimate threat? It seems to me that a hacker is just as likely to speak english as a second language (or not at all) and perhaps more likely since hacking people from a country you're not in would make you less likely to get caught.
User avatar
windaar
Posts: 416
Joined: Thu Mar 08, 2012 7:31 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by windaar »

terran wrote: Thu Apr 16, 2020 8:02 pm I agree this probably isn't legit, but I wonder why people think poor grammar is an indication of an illegitimate threat? It seems to me that a hacker is just as likely to speak english as a second language (or not at all) and perhaps more likely since hacking people from a country you're not in would make you less likely to get caught.
Good point; poor grammar is a tipoff to Phishing, but wouldn't indicate that an extortion attempt wasn't real.
Nobody knows nothing.
metalworking
Posts: 223
Joined: Sun Jan 03, 2016 9:20 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by metalworking »

brother just got similar email today. Not legit!
metalworking
Posts: 223
Joined: Sun Jan 03, 2016 9:20 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by metalworking »

terran wrote: Thu Apr 16, 2020 8:02 pm I agree this probably isn't legit, but I wonder why people think poor grammar is an indication of an illegitimate threat? It seems to me that a hacker is just as likely to speak english as a second language (or not at all) and perhaps more likely since hacking people from a country you're not in would make you less likely to get caught.
Scammers are sticklers for efficiency. To decrease time wasted on people not likely to fall for the scam using bad english acts as a screening technique. I think the book is called "think like a freak"
User avatar
arcticpineapplecorp.
Posts: 6185
Joined: Tue Mar 06, 2012 9:22 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by arcticpineapplecorp. »

terran wrote: Thu Apr 16, 2020 8:02 pm I agree this probably isn't legit, but I wonder why people think poor grammar is an indication of an illegitimate threat? It seems to me that a hacker is just as likely to speak english as a second language (or not at all) and perhaps more likely since hacking people from a country you're not in would make you less likely to get caught.
interesting. hadn't considered some of the reasons misspelling and poor grammer aren't always unintentional (you learn something new each day):

https://josephsteinberg.com/why-scammer ... -mistakes/
https://umbrella.cisco.com/blog/grammar ... nd-malware

now please kindly type the following into your browser...
It's "Stay" the course, not Stray the Course. Buy and Hold works. You should really try it sometime. Get a plan: www.bogleheads.org/wiki/Investment_policy_statement
Carter3
Posts: 215
Joined: Thu Oct 31, 2013 12:51 pm
Location: Western Tennessee

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Carter3 »

Hogan773 wrote: Thu Apr 16, 2020 2:45 pm
simpleliving1 wrote: Thu Apr 16, 2020 2:37 pm Thank you, everyone, for inputs.
Here is the actual text
"Pay $1000 in btc to the down below address (remove***from it):

bc1***qwc5ldj8h25adqfwlhsvlwn29pu62h2d6p46f9l

You may be wondering why the heck would you do that? Very well, put together yourself simply because I am going to move your entire world today. I had a threatening spyware infect your pc and also record movie of YOU (using your webcam) while you looked at 'adult' websites.

Here's one of your password ........

Nonetheless don't believe me? Reply 7 and I'll be randomly share your video clip with 7 people you recognize (Yes, I have got access to your address book as well).

At this moment, what do I want to get this to entire thing vanish? Well, I have already described the actual offer in beginning of the e-mail. Should you not fulfill it within Twenty-four hrs, I most certainly will create your life terrible by sending that video clip to Every person you know. Your time starts right now."

As advised She won't be using those passwords anymore and will not share the same passwords across other platforms. We will ignore the email. One user listed to the link to find if an email address was pwned, I found both her and my primary email address are pwned 6 and 8 times.
Weird

I just got some email with a .MOV attachment about you. Looks like someone was having "fun" that day haha
Haaa, that's horrible
User avatar
Cubicle
Posts: 939
Joined: Sun Sep 22, 2019 1:43 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by Cubicle »

I used to get these a lot. I would beg the hacker to send all their incriminating evidence to everyone I knew. I'd then start using very vulgar language towards them. They'd reply, say "this is real life serious, this is not a joke". I made some more off color offensive remarks. Repeat 2-3 more times. Then they'd stop replying.

I don't watch "adult" movies. I don't own a webcam. Tell them to provide proof & then you'll double their demands.

Now I don't get any. :( I could rack up my "kills" during this shut down.
"Oh look another bajillion point declin-Ooooh!!! A coupon for pizza!!!!" <--- This is what everyone's IPS should be. ✓✓✓
FunnelCakeBob
Posts: 94
Joined: Fri Jul 20, 2018 5:44 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by FunnelCakeBob »

I received the same email yesterday. It's a scam. Just ignore, report as spam, and delete. The email I received had an old password that was used with LinkedIn many years ago.

Someone already noted that this is related to the hacking of LinkedIn passwords. I think the hacking took place around 2012 and the passwords have been sold on the darknet for years. The scam artists are taking advantage of the fact that we're in a vulnerable time, many of us home by ourselves, to scare up a few dollars.

Be sure to update your passwords regularly and avoid using the same one with multiple websites.
EZ James
Posts: 110
Joined: Wed Oct 03, 2012 2:46 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by EZ James »

In addition to changing passwords I would install a previously made image of the hard drive in case a key logger had been installed. If the image was not recent I might just roll back to a recent restore point.
User avatar
ThereAreNoGurus
Posts: 524
Joined: Fri Jan 24, 2014 11:41 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by ThereAreNoGurus »

This site has been posted on BH before: https://haveibeenpwned.com/

You can use it to see whether your email has been unintentionally exposed to the public. This is an example of a result returned from a breach:
MGM Resorts: In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data was provided to HIBP by Under The Breach.

Compromised data: Dates of birth, Email addresses, Names, Phone numbers, Physical addresses
Trade the news and you will lose.
ARoseByAnyOtherName
Posts: 1000
Joined: Wed Apr 26, 2017 12:03 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by ARoseByAnyOtherName »

simpleliving1 wrote: Thu Apr 16, 2020 2:37 pm As advised She won't be using those passwords anymore and will not share the same passwords across other platforms. We will ignore the email. One user listed to the link to find if an email address was pwned, I found both her and my primary email address are pwned 6 and 8 times.
You must:

- change all passwords for both of you to new ones that are unique for each website, and that are long strings of random characters.

- use a password manager to store these passwords. I highly recommend 1Password, as do other reputable sources: https://thewirecutter.com/reviews/best- ... -managers/

- enable two factor authentication on every website you can.

There are other things you can do. But these are the very basic things you must do to stay safe online.
IowaFarmWife
Posts: 236
Joined: Thu Nov 02, 2017 9:42 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by IowaFarmWife »

Hogan773 wrote: Thu Apr 16, 2020 10:13 am Was your wife looking at por&n? That is usually the email I get. It has some password I've used for some random forum like Honda forums or whatever, and then it proceeds to tell me that they activated my webcam while I was pleasuring myself looking at adult sites and they will send that video to all my contacts. They remind me in their broken English "oh the shame you will surely feel, and oh to just think about what your wife and children will do now, you will lose everything" and on and on

Just ignore it and delete the email.
Yes, my 82 year old mother received one of these emails the other day. :-( :-( :-( She did go online and change some of her passwords.
“The quickest way to double your money is to fold it in half and put it in your back pocket.” —Will Rogers
cresive
Posts: 462
Joined: Sat Nov 26, 2016 12:12 pm
Location: Virginia, USA
Contact:

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by cresive »

simpleliving1 wrote: Thu Apr 16, 2020 9:07 am BHs.

Last evening DW received an email from Hacker threatening her to transfer $1000 in BTC, else they will turn her life upside down by sharing sensitive information about her to public. This email subject line contains the list of her current passwords and in the text, they mentioned they have installed a virus on her laptop and now they have access to all of her information. DW thinks this might have happened because she recently installed ZOOm video conferencing software on her laptop recently.

Since then we have changed the password of her and mine email, financial institutes and every single possible online account we can think of. Formatted the Windows on laptops and deleted any account that we are not currently using.
Please advise us what else we could do? Can we report this incident to someone to help stop it happening to others?


P.S. We change the passwords to our account every 90 days and passwords are very strong according to the websites. We also have the subscription to LifeLock plus identity theft protection through my employer.

After reading most of the replies, I have one more suggestion, make sure you have frozen your credit. If the jerks are for real, you don't want anyone taking the information and trying to take your identity.

Once my Bp goes down after reading your story, I may have some more ideas. I had a similar issue, and called their bluff. Nothing happened, that I know about, but I have frozen every aspect of my credit, so I wasn't too worried they could do much. My jerks were in the Ukraine.

Good luck,
Ben
whomever
Posts: 972
Joined: Sat Apr 21, 2012 5:21 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by whomever »

"In addition to changing passwords I would install a previously made image of the hard drive in case a key logger had been installed. If the image was not recent I might just roll back to a recent restore point."

I don't think that is appropriate, if I am understanding the situation here.

My sense is that what happened here is:

1)You sign up at somewhere.com using an email of fred@myisp.com and a password of pQrSt.
2)Somewhere.com gets hacked, and so now the hackers have the email/pw combination fred@myisp.com/pQrSt
3)They send Fred an email (at the fred@myisp.com address) saying 'Gotcha! Your pw is pQrSt, send us $$$$'.

Unless Fred went clicking around on links in the email (better yet, if he didn't open it), his computer hasn't been compromised. All Fred needs to do is go anywhere he used that email/pw combination and change the pw. If that is just the one site that got hacked, yay. If Fred used that email/pw site for multiple sites, he should change the pw for those sites. But there is no need for reinstalling operating systems etc on Fred's computer - somewhere.com's computers were hacked, not Fred's.
mptfan
Posts: 6204
Joined: Mon Mar 05, 2007 9:58 am

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by mptfan »

terran wrote: Thu Apr 16, 2020 8:02 pm I agree this probably isn't legit, but I wonder why people think poor grammar is an indication of an illegitimate threat? It seems to me that a hacker is just as likely to speak english as a second language (or not at all) and perhaps more likely since hacking people from a country you're not in would make you less likely to get caught.
Yes, but a professional hacker who speaks English as a second language would be wise enough to have a native English speaker proofread the emails just like any other professional in any other field from another country who works with international "clients." If the hacker doesn't have the ability or the resources to create a well written English email, that probably indicates a lack of professionalism in their hacking craft as well.

Let's say you wanted to purchase software, let's say virus protection software just an example, and you went on the software vendor's website and you saw that their English was very poorly written... would you say to yourself "Their programmers are likely to speak English as a second language, or not at all, so that's no big deal, I'm sure the software is very good."? I know I wouldn't.
srt7
Posts: 502
Joined: Mon Sep 29, 2014 12:19 pm

Re: Advise what to do after receiving email from Hacker trying to extort money

Post by srt7 »

yules wrote: Thu Apr 16, 2020 2:47 pm
Dear OP,

1) The hacker only wants $1000? He or she works cheap!
2) If the hacker really has access to everything on the laptop, wouldn’t it be easier for the hacker just to transfer the $1000 by him or herself? Or lie in wait and use a key logger to get the log in information for all your sites? Why would the hacker subcontract this scam out to the victims themselves?

Good luck!
Yules
$1,000 to buy some English lessons :confused
I can't think of anything more luxurious than owning my time. - remomnyc
Post Reply