
Alchetec Blog

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!


A new email scam is making the rounds, and it has a lot of people concerned about just how far a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

This Scam is a Dirty Trick
This is going to be a taboo subject for many, but it’s a real scam that is quickly getting passed around, and to some recipients the risk seems so high that they might be willing to fall for it. Essentially, an email comes in stating that a hacker got access to your passwords (likely pulled from a list on the dark web, sourced from any one of the dozens of web services and businesses that have been hacked over the years). The sender shows off the password as proof, right in the email, claims to have incriminating webcam footage of you, and threatens to share it with your contacts if you don’t pay up.

How It Works
The target of this scam will open their email to find a message that opens by identifying an actual password of the targeted user. The rest of the email reads as one would expect an email of this nature to:

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The email then provides an address for the recipient to send their Bitcoin to, with the recommendation to copy-paste the case-sensitive alphanumeric sequence. The email ends with a warning:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This is not the only version of the email that is out there, but they all follow the same thread and end with the same threat - pay up, or everyone will see what you do behind closed doors.
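
Because every variant shares the same structure, a mail administrator can score incoming messages on those shared traits rather than on exact wording. The Python below is an added example, not code from this blog or from any product; the indicator patterns, the threshold, and both sample messages are constructed assumptions, and the sample address is the publicly known Bitcoin genesis-block address, used only because its checksum is valid.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Candidate legacy Bitcoin addresses: start with 1 or 3, Base58 characters only.
ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

# Traits the quoted email and its variants share (patterns are assumptions).
INDICATORS = {
    "webcam_claim": re.compile(r"\b(webcam|split-screen)\b", re.I),
    "deadline": re.compile(r"\b\d+\s*hours?\b", re.I),
    "payment_demand": re.compile(r"\b(bitcoin|btc)\b", re.I),
    "contact_threat": re.compile(r"\byour contacts\b", re.I),
}

def is_btc_address(candidate):
    """Base58Check: 21 payload bytes followed by 4 bytes of double SHA-256."""
    num = 0
    for ch in candidate:
        num = num * 58 + B58.index(ch)
    try:
        raw = num.to_bytes(25, "big")
    except OverflowError:  # decodes to more than 25 bytes: not an address
        return False
    digest = hashlib.sha256(hashlib.sha256(raw[:21]).digest()).digest()
    return raw[21:] == digest[:4]

def score_message(body):
    """Return the set of indicator names found in the message body."""
    hits = {name for name, rx in INDICATORS.items() if rx.search(body)}
    # Only count an address whose checksum verifies, to cut false positives.
    if any(is_btc_address(a) for a in ADDR_RE.findall(body)):
        hits.add("valid_btc_address")
    return hits

def is_sextortion(body, threshold=4):
    """Flag a message when at least `threshold` indicators co-occur."""
    return len(score_message(body)) >= threshold

# Constructed sample messages (not real mail).
SCAM = ("I made a split-screen video using your webcam. You have 24 hours "
        "to pay $1400 in Bitcoin to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa or "
        "I will send it to all of your contacts.")
BENIGN = "Reminder: the Bitcoin webinar starts in 24 hours. See your calendar."

if __name__ == "__main__":
    for label, msg in (("scam", SCAM), ("benign", BENIGN)):
        print(label, sorted(score_message(msg)), is_sextortion(msg))
```

Requiring several indicators together, including a checksum-valid payment address, keeps ordinary mail that merely mentions Bitcoin or a deadline from being flagged.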

Is This For Real?
For many people, this is a fair question - and fortunately for many, no, the threats are not legitimate. First of all, the passwords that these attacks are citing are often 10 years old, which means that the criminals likely got their information from an outdated database from some hack from a decade ago.

However, that doesn’t mean that this threat hasn’t been comfortably effective. As of July 19th, a mere 42 Bitcoin addresses had netted over $50,000 from 30 victims. While these returns certainly aren’t breaking any records, they are enough to encourage more cybercriminals to leverage similar attacks.

How to Protect Yourself from the Real Deal
Even if this particular threat is little more than an underhanded bluff, that doesn’t mean a legitimate password scam isn’t still well within the realm of possibility. Therefore, the security lessons that can be learned from this particular trend are still extremely applicable.

First and foremost, passwords are like the underwear this probably automated scam claims to have seen its users potentially without - they need to be changed regularly. The fact that 30 people were willing to pay a combined $50,000 tells us two things: they had something they wanted to hide, and they hadn’t changed their passwords in years. Changing your passwords on a regular basis, without repeating them, means that you are safe if one of your past passwords is hacked. After all, the old key to a door won’t work anymore if you’ve changed the lock.

Secondly, and more personally, make sure your webcam is covered up while you aren’t actively using it.

For more best practices, including ones to help preserve your security, keep reading our blog. Reach out to us at 312-253-4321 to ask about the solutions we can provide to keep messages like these out of your business in the first place.
