![]() ![]() Not a single person has compensated me to investigate about you. I am aware one of your passphrase: password. Just ignore the scammers' empty threats and practice good password hygiene going forward! Example 1 We know this experience isn't fun, but it's also not the end of the world. We offer some through our store, but a small strip of electrical tape will do. ![]() One other thing to do to protect yourself is apply a cover over your computer’s camera. You can also check out our Surveillance Self-Defense guide for more tips on how to protect your security and privacy online. Moving forward, you should make sure to enable two-factor authentication whenever that is an option on your online accounts. What should I do instead?Īs we said before, for sure stop using the password that the scammer used in the phishing email, and consider employing a password manager to keep your passwords strong and unique. If you do pay, then the scammers may also use that as a pressure point to continue to blackmail you, knowing that you’re susceptible. If you pay the ransom, you’re not only losing money but you’re encouraging the scammers to continue phishing other people. But once they get a response-and a conversation is initiated-they will likely move into a more advanced stage of the scam. By default they expect most people will not even open the email, let alone read it. Fundamentally this isn't that much different from the old Nigerian prince scam, just with a different hook. With this type of scam, the perpetrator relies on the likelihood that a small number of people will respond out of a batch of potentially millions. Should I respond to the email?Ībsolutely not. You can also use a service like Have I Been Pwned to check whether you have been part of one of the more well-known password dumps. Īnd of course, you should always change your password when you’re alerted that your information has been leaked in a breach. If the password emailed to you is one that you still use, in any context whatsoever, STOP USING IT and change it NOW! And regardless of whether or not you still use that password it's always a good idea to use a password manager. ![]() Scammers likely obtained such a list for the express purpose of including a kernel of truth in an otherwise boilerplate mass email. Unfortunately, in the modern age, data breaches are common and massive sets of passwords make their way to the criminal corners of the Internet. They have my password! How did they get my password? Here are some quick answers to the questions many people ask after receiving these emails. It’s hard to say how much the scammers have received in total at this point since they appear to be using different bitcoin addresses for each attack, but it’s clear that at least some people are already falling for this scam. Of the five wallets we looked at only one had received any bitcoin, in total about 0.5 bitcoin or $4,000 at the time of this writing. The scammers in this case likely matched up a database of emails and stolen passwords and sent this scam out to potentially millions of people, hoping that enough of them would be worried enough and pay out that the scam would become profitable.ĮFF researched some of the bitcoin wallets being used by the scammers. What makes the email especially alarming is that, to prove their authenticity, they begin the emails showing you a password you once used or currently use.Īgain, this still doesn't mean you've been hacked. The hacker promises to go away if you send them thousands of dollars, usually with bitcoin. The general gist is that a hacker claims to have compromised your computer and says they will release embarrassing information-such as images of you captured through your web camera or your pornographic browsing history-to your friends, family, and co-workers. We have pasted a few examples of these emails at the bottom of this post. We’ll talk about a few steps to take to protect yourself, but the first and foremost piece of advice we have: do not pay the ransom. This is merely a new variation on an old scam which is popularly being called "sextortion." This is a type of online phishing that is targeting people around the world and preying on digital-age fears.ĭOnate to help EFF defend privacy and free expression Contrary to the claims in your email, you haven't been hacked (or at least, that's not what prompted that email). You’re searching for what to do in this frightening situation.ĭon’t panic. ![]() You may have arrived at this post because you received an email from a purported hacker who is demanding payment or else they will send compromising information-such as pictures sexual in nature-to all your friends and family. Updated Jan 23rd 2019 to include latest variations on this scam. ![]()
0 Comments
Leave a Reply. |