Email Scam: Extortion / Blackmail (Uses YOUR Password in Header)
I’m making this quick post as a public service announcement. There is a viral email scam in which people are emailed an actual password that they have used. The email recipient is told that they have had malware installed on their computer and that their activities have been recorded through their computer camera and keylogger. The email sender is looking for $1,000 to 5,000.
It is somewhat compelling because, indeed, they have an ACTUAL PASSWORD of yours. However, this does not necessarily indicate hacking. Prior to modern encryption standards, there were old (very old) hacked email password lists that were widely circulated underground. It appears the blackmailer located one of these lists and is able to find contact information to email people at their office or work email (which are often publically posted).
What should you do when you receive an extortion email like this? Take these 3 simple steps, which should not take more than 15 or 20 minutes out of your day:
- File an IC3 — Internet Crime Complain — with the FBI. That can be done here: https://www.ic3.gov/complaint/default.aspx
- Contact the domain provider of the sender’s email. In my case the sender was using outlook/Microsoft and Microsoft has an email line set up to receive such complaints.
- Post the sender’s email address in a place that the public can find it. You may even add their email address here in the comments. This step might prohibit other people from buying into the scam, when they can verify that the email is a fraud.
My scammer: Sianna Triggs
Email address: email@example.com
mnsteresapx AT outlook
It is my hope that the above gets high ranking on google for anyone else who is being blackmailed and doing their due diligence.
I hope anyone reading this finds comfort that this is 100% a scam designed to scare you. They have not been video recording you and they do not know what pornographic websites you have visited (in my case none, which is how am so confident).
Below is the email I received with my password removed:
I am well aware (MY.PASSWORD.REMOVED) is your pass words. Lets get right to the point. There is no one who has compensated me to investigate you. You do not know me and you’re probably thinking why you’re getting this email?
actually, i actually setup a malware on the 18+ videos (pornography) site and you know what, you visited this web site to experience fun (you know what i mean). When you were watching video clips, your web browser began operating as a RDP that has a keylogger which gave me accessibility to your display as well as cam. after that, my software program collected all of your contacts from your Messenger, Facebook, as well as e-mail . and then i made a double-screen video. First part shows the video you were viewing (you have a nice taste ; )), and second part shows the recording of your webcam, & it is u.
You will have not one but two solutions. We are going to check out these types of options in particulars:
First option is to ignore this email message. in such a case, i will send out your actual recorded material to all of your personal contacts and thus just imagine regarding the shame you experience. and definitely in case you are in a committed relationship, how it is going to affect?
in the second place option will be to compensate me $1000. We will think of it as a donation. as a consequence, i will immediately discard your video footage. You could keep going on your daily life like this never occurred and you are never going to hear back again from me.
You will make the payment by Bitcoin (if you do not know this, search ‘how to buy bitcoin’ in Google search engine).
BTC address: 1DqUtQLk79UXVh2mq8nWmhw4kahk6xGbFJ
[CaSe SeNSiTiVe, copy & paste it]
Should you are curious about going to the law enforcement officials, look, this e mail can not be traced back to me. i have taken care of my actions. i am not trying to demand a whole lot, i simply want to be paid for. i’ve a specific pixel in this e-mail, and right now i know that you have read through this email message. You now have one day in order to pay. if i do not receive the BitCoins, i will send out your video to all of your contacts including members of your family, colleagues, and many others. Nevertheless, if i do get paid, i will destroy the video right away. it’s a nonnegotiable offer, that being said don’t waste mine time and yours by replying to this mail. if you need proof, reply Yup and i will send your video to your 12 friends.
PS: Sianna — you picked the wrong person to scam. I’ll know within 24 hours if your IP is address in the U.S. and if so buckle up butter cup!