Received a disturbing ransomware email
No he doesn't have video of me, not concerned about that at all, but how in the hell did he get my 12 digit
password and what should I do? Here it is......
Hey --------@ruraltel.net,
I have to share bad news with you.
Approximately few months ago I have gained access to your devices, which you use for internet browsing.
After that, I have started tracking your internet activities.
Some time ago I hacked you and got access to your email accounts --------@ruraltel.net .
Obviously, I have easily hack to log in to your email.
Your password: ------------
One week later, I have already installed Trojan virus to Operating Systems of all the devices that you use to access your email.
In fact, it was not really hard at all (since you were following the links from your inbox emails).
All ingenious is simple. =)
This software provides me with access to all the controllers of your devices (e.g., your microphone, video camera and keyboard).
I have downloaded all your information, data, photos, web browsing history to my servers.
I have access to all your messengers, social networks, emails, chat history and contacts list.
My virus continuously refreshes the signatures (it is driver-based), and hence remains invisible for antivirus software.
Likewise, I guess by now you understand why I have stayed undetected until this letter...
While gathering information about you, I have discovered that you are a big fan of adult websites.
You really love visiting porn websites and watching exciting videos, while enduring an enormous amount of pleasure.
Well, I have managed to record a number of your dirty scenes and montaged a few videos, which show the way you masturbate and reach orgasms.
If you have doubts, I can make a few clicks of my mouse and all your videos will be shared to your friends, colleagues and relatives.
I have also no issue at all to make them available for public access.
I guess, you really don't want that to happen, considering the specificity of the videos you like to watch, (you perfectly know what I mean) it will cause a true catastrophe for you.
Let's settle it this way:
You transfer $400 USD to me (in bitcoin equivalent according to the exchange rate at the moment of funds transfer), and once the transfer is received, I will delete all this dirty stuff right away.
After that we will forget about each other. I also promise to deactivate and delete all the harmful software from your devices. Trust me, I keep my word.
This is a fair deal and the price is quite low, considering that I have been checking out your profile and traffic for some time by now.
In case, if you don't know how to purchase and transfer the bitcoins - you can use any modern search engine.
Here is my bitcoin wallet: bc1qd0gu4ekg36x524lwspsnh8v95uvjpsj5y88c4v
Things you need to avoid from doing:
*Do not reply me (I have created this email inside your inbox and generated the return address).
*Do not try to contact police and other security services. In addition, forget about telling this to you friends. If I discover that (as you can see, it is really not so hard, considering that I control all your systems) - your video will be shared to public right away.
*Don't try to find me - it is absolutely pointless. All the cryptocurrency transactions are anonymous.
*Don't try to reinstall the OS on your devices or throw them away. It is pointless as well, since all the videos have already been saved at remote servers.
Things you don't need to worry about:
*That I won't be able to receive your funds transfer.
- Don't worry, I will see it right away, once you complete the transfer, since I continuously track all your activities (my trojan virus has got a remote-control feature, something like TeamViewer).
*That I will share your videos anyway after you complete the funds transfer.
- Trust me, I have no point to continue creating troubles in your life. If I really wanted that, I would do it long time ago!
Everything will be done in a fair manner!
One more thing... Don't get caught in similar kind of situations anymore in future!
My advice - keep changing all your passwords on a frequent basis
My computer doesn't have a microphone or video camera, do I need to completely reinstall original software?
Virus detection that comes with Windows 10 says everything is OK. If this hacker was able to get my password
has he learned my credit card number from buying stuff online? Any advice would be helpful.
I'm currently using Firefox for browser & Thunderbird for email.
THANKS in advance.
MLAA
(18,598 posts)Sounds like a scammer who is hoping you will send $$ no questions asked or click on a link he sent you.
KS Toronado
(19,565 posts)I just replaced it with ------------ in my post, no need to broadcast it everywhere.
MLAA
(18,598 posts)KS Toronado
(19,565 posts)Yea, this shit just came out of nowhere, bank said no suspicious activity on my account, said I could have
a new number if I wanted, might do that tomorrow morning.
kedrys
(7,682 posts)Ive blown off every single one and took no other steps, and none of my info has been compromised ever. If it had been, Id know by now - this has been going on for years.
I wish more was being done on scams.
I had a credit card hacked. They caught a woman 3000 miles away using it.
Credit card agents seemed just weary. 'Happens all the time.'
LunaSea
(2,927 posts)From a source like LinkedIn or some other company.
The email is bullshit. They have only a stolen password they likely bought online.
You do need to change passwords, and make different ones for different sites.
usonian
(13,785 posts)The passwords they claim to have came from email breakins at Yahoo, LinkedIn, Docusign (!) at the very least.
They are old, and only a problem if you are lazy enough to recycle them on other sites.
If it weren't this same damn form letter, there actually is a chance that your info has been had by various means, including phishing ("You just bought a 14 foot sailboat. Confirm your purchase by logging in to WHATEVER.COM" ) or the Experian breakin or various other accounts (your college, etc). But very low, and never with such form letters, or the usual ones with misspellings.
The advice I give family and everyone is the simplest. ) and this is the short version.
1. Never use an obvious password like myname, or the top 100
https://techcult.com/most-common-passwords/
Or one of those appended with a 1,2,123 and so on.
2. Never use the same password twice at another site or institution.
3. Get a password manager app. Many are free, and require a touch-id or other, to open the app. The nicer ones store data encrypted. You can use impossible to remember passwords if the site you are logging into allows copy and paste. Some don't.
4. Definitely get ublock-origin add-on for Firefox. It blocks ads and countless trackers. Ads carry malware all too often. If you want to support DU become a star member anyway.
Just run a virus checker now and then.
Check your bank and credit card accounts often.
There are more steps but my motto is "do the basics first".
KS Toronado
(19,565 posts)BTW, I am a star member.
Mousetoescamper
(5,138 posts)I've not had the displeasure of receiving anything like that, but a friend received a similar porn blackmail threat. He didn't respond and nothing happened, but it was disturbing nonetheless.
CloudWatcher
(1,923 posts)For a while I added a custom email rule to my mail reader to delete these before I even saw them
In my case, the password was my "myspace.com" password from an account that was closed decades ago.
Myspace was famously hacked and all the passwords have been available on the dark-web for years and years.
Two points I'd like to make:
1) really really use different passwords on each of your services. Don't re-use passwords. So
that when one is stolen, everything isn't lost.
2) the email appeared to come from my real email address, but it was not! It is easy easy easy to generate
email that fakes the "From" field to make it look like the mail was generated from your account (or anyone else's
account). This is an ancient problem that I remember demonstrating to my boss back in about 1978. Without
examining an email in great detail (showing "raw headers" and stuff that is normally hidden), it's really hard to
figure out if email is forged or not. Same thing with caller-id. Easy to fake, don't be fooled.
SmartJellyfish
(63 posts)Ignore it. Don't pay. Seen here;
https://malwaretips.com/blogs/remove-i-have-to-share-bad-news-with-you/