If you are receiving email messages with spammy subjects like:
“Account Issue”, “account was hacked”, “Delete Message After Reading!”, “Security Warning”, “Your Account Was Hacked!”, “Your password is ABC”, “Your Secret Life”
It’s likely your email address has been linked to a password you once used (or may still be using) on one of the many websites compromised over the past few years.
The “Have I Been Pwned” website is a great place to start in researching which websites your confidential information may have been pilfered from recently.
Below is a sample email from a would-be criminal, who likely gleaned thousands of email address and password combinations like yours from any number of stolen password lists circulating on the Internet today:
Hi, dear user of "your website or address" We have installed one RAT software into you device. For this moment your email account is hacked (see on "from address", I messaged you from your account). Your password for "your email address": "old password used" I have downloaded all confidential information from your system and I got some more evidence. The most interesting moment that I have discovered are videos records where you masturbating. I posted my virus on porn site, and then you installed it on your operation system. When you clicked the button Play on porn video, at that moment my trojan was downloaded to your device. After installation, your front camera shoots video every time you masturbate, in addition, the software is synchronized with the video you choose. For the moment, the software has collected all your contact information from social networks and email addresses. If you need to erase all of your collected data, send me $800 in BTC (crypto currency). This is my Bitcoin wallet: 13cyEdT7kyH2f4j9xchvDGhv1o64MYNLU You have 48 hours after reading this letter. After your transaction I will erase all your data. Otherwise, I will send video with your pranks to all your colleagues and friends!!! And henceforth be more careful! Please visit only secure sites! Bye!
If this reads like an email you’ve received recently, don’t panic. Just delete it.
First, note the password listed in the email. If you are still using the password given in the body of the extortion email message, you should probably stop doing so.
Second, delete the email and do not reply to it. Keep in mind, this blackmailer is likely blindly sending this email to thousands of different email addresses in hopes of making some easy money.
Third, be sure to update your password on all websites where you’ve used the same email address noted in the message.
Why am I getting these now?
The reason these messages have become so common recently is that a group of hackers launched a ransomware as a service (RaaS) business earlier this year (in 2018). Their “affiliate” business model involves selling a software package that allows just about anyone with a computer and an Internet connection to do all manner of things: sending mass blackmail email like the message above, initiating denial of service attacks, and even sending sophisticated social engineering / phishing emails written to convince unsuspecting computer users to click a link that installs a virus on their computers.
The low-cost software even lets would-be cybercriminals customize the content of their messages and viruses in ways that previously required a sophisticated understanding of hacking and cybercrime.
Bulk blackmail spamming is so easy, everyone’s doing it…
How to stop these ransomware email messages?
If your web hosting company is running cPanel as their website control panel, you can simply auto-discard these messages. Here’s an example, shown at right.
Many web hosting providers provide more advanced email filtering services, which quarantine these types of messages before they hit your inbox.
And don’t forget about your email software filters. Most email applications, like Microsoft Outlook and Gmail, include filtering options which allow you to discard all email that includes your old password in the From: field or body of incoming messages.
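The filtering idea above, as an added example that is not from the original article: a Python check that flags a message when its body quotes a retired password, matched by SHA-256 hash so the rule never holds the password itself. The function names, the two-signal threshold and all sample data are assumptions made for illustration.

```python
import hashlib
import re
from email import message_from_string
from email.policy import default

# Subject phrases listed in the article, matched case-insensitively.
SUBJECT_MARKERS = ("account issue", "account was hacked", "delete message after reading",
                   "security warning", "your password is", "your secret life")
# Shape of a legacy Base58 Bitcoin address: a heuristic, not a checksum validation.
BTC_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

def sha256_hex(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def classify(raw_message, retired_hashes):
    """Return (action, reasons) for one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=default)
    subject = (msg["subject"] or "").lower()
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    reasons = []
    if any(marker in subject for marker in SUBJECT_MARKERS):
        reasons.append("subject")
    # Hash each body word (quotes and punctuation trimmed) and compare hashes only.
    words = {w.strip("\"'\u201c\u201d.,:;()") for w in body.split()}
    if any(sha256_hex(w) in retired_hashes for w in words if w):
        reasons.append("retired-password")
    if BTC_RE.search(body):
        reasons.append("btc-address")
    # A quoted retired password is decisive; otherwise require two weaker signals.
    discard = "retired-password" in reasons or len(reasons) >= 2
    return ("discard" if discard else "deliver"), reasons

# Constructed inputs: the password, addresses and wallet string are made up.
RETIRED = {sha256_hex("hunter2-old")}
SAMPLE_SCAM = (
    "From: me@example.com\nTo: me@example.com\n"
    "Subject: Your Account Was Hacked!\n\n"
    'Your password for me@example.com: "hunter2-old"\n'
    "Send me $800 in BTC. My wallet: 1CoNSTRUCTEDsampLEaddrXXXXXXXXXX\n"
)
SAMPLE_BENIGN = (
    "From: it@example.com\nTo: me@example.com\n"
    "Subject: Security Warning: planned maintenance\n\n"
    "We will patch the mail server tonight.\n"
)

if __name__ == "__main__":
    for name, raw in (("scam", SAMPLE_SCAM), ("benign", SAMPLE_BENIGN)):
        print(name, classify(raw, RETIRED))
```

Only retired passwords belong in the hash set, and a password containing spaces would need phrase-level rather than word-level hashing.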
In short, don’t panic. These types of email messages will only become more prevalent in the near future. Be sure to ask your email service provider whether they have other options to better curtail these types of malicious email messages as well.
Jim Walker says
Some quick follow-up and good news on this subject, “FBI Seizes 15 DDoS-For-Hire Websites, 3 Operators Charged”, https://thehackernews.com/2018/12/fbi-christmas-ddos-for-hire.html