312-253-4321    Get SUPPORT

Alchetec Blog

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

A new email scam is making its rounds and it has a lot of people concerned with just how much a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

This Scam is a Dirty Trick
This is going to be a taboo subject for many, but it’s a real scam that is quickly getting passed around to users and to some, the risk is so high they might be willing to fall for it. Essentially, an email comes in stating that a hacker got access to your passwords (likely pulled from a list on the dark web from any one of the dozens of web services and businesses that have been hacked over the years). They show off the password to you as proof, right in the email, and mention they have incriminating webcam footage of you, and they’ll share it to your contacts if you don’t pay up.

How It Works
The target of this scam will open their email to find a message that opens by identifying an actual password of the targeted user. The rest of the email reads as one would expect an email of this nature to:

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The email then provides an address for the recipient to send their Bitcoin to, with the recommendation to copy-paste the case-sensitive alphanumeric sequence. The email ends with a warning:

“Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This is not the only version of the email that is out there, but they all follow the same thread and end with the same threat - pay up, or everyone will see what you do behind closed doors.

Is This For Real?
For many people, this is a fair question - and fortunately for many, no, the threats are not legitimate. First of all, the passwords that these attacks are citing are often 10 years old, which means that the criminals likely got their information from an outdated database from some hack from a decade ago.

However, that doesn’t mean that this threat hasn’t been comfortably effective. As of July 19th, a mere 42 Bitcoin addresses had net over $50,000 from 30 victims. While these returns certainly aren’t breaking any records, they are enough to encourage more cybercriminals to leverage similar attacks.

How to Protect Yourself from the Real Deal
Even if this particular threat is little more than an underhanded bluff, that doesn’t mean a legitimate password scam isn’t still well within the realm of possibility. Therefore, the security lessons that can be learned from this particular trend are still extremely applicable.

First and foremost, passwords are like the underwear this probably automated scam claims to have seen its users potentially without - they need to be changed regularly. The fact that 30 people were willing to pay a combined $50,000 tells us two things: they had something they wanted to hide, and they hadn’t changed their passwords in years. Changing your passwords on a regular basis, without repeating them, means that you are safe if one of your past passwords is hacked. After all, the old key to a door won’t work anymore of you’ve changed the lock.

Secondly, and more personally, make sure your webcam is covered up while you aren’t actively using it.

For more best practices, including ones to help preserve your security, keep reading our blog. Reach out to us at 312-253-4321 to ask about the solutions we can provide to keep messages like these out of your business in the first place.

Security Threats and Defensive Measures You Can Ta...
How Technology Could Change the Classroom
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, July 24 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Cloud Productivity Network Security IT Services Malware Software Privacy Hosted Solutions Email Hackers Data Backup Data Outsourced IT Internet Computer Microsoft Data Recovery Productivity Innovation Business Managed IT Services Ransomware Tech Term IT Support Cloud Computing Hardware Business Continuity Collaboration Small Business Backup User Tips IT Support Mobile Devices Google Efficiency Business Management Communication Paperless Office Android Managed IT Services VoIP Windows 10 Remote Monitoring Phishing Upgrade Smartphone Disaster Recovery Server Workplace Tips Cybersecurity Save Money Smartphones Internet of Things Data Management Managed Service Provider Managed IT Passwords Mobile Device Browser Communications Office 365 Encryption Artificial Intelligence Quick Tips BYOD Holiday Social Media Windows 10 Automation Facebook Employer-Employee Relationship Document Management Applications Windows Risk Management Business Technology Compliance Government Laptops Saving Money Managed Service Wi-Fi Password Blockchain Chrome Recovery Help Desk Microsoft Office Infrastructure Virtualization Tip of the week Processor Network Vendor Management Unified Threat Management Healthcare Information BDR Antivirus SaaS Training Vulnerability IT Management Scam Telephone Systems Analytics Bandwidth Project Management File Sharing VPN Robot Storage Gmail Files App Apps Money Data Security Firewall Customer Relationship Management Politics Going Green Data loss Website Tablet Regulations Data Storage Virtual Reality Miscellaneous IT Service Work/Life Balance Wireless Mobile Device Management Router Maintenance Bring Your Own Device Word Hosted Solution Two-factor Authentication Office Upgrades Settings Computers Internet Exlporer Networking IoT Samsung Access Control Proactive Virtual Private Network Cooperation Display How To The Internet of Things Mobile Security Downtime Employees Gadgets Digital Payment Chromebook Remote Monitoring and Management RMM Twitter Company Culture Identity Theft Windows 7 Monitors Software as a Service Big Data Health Licensing Remote Workers Assessment Social Users Machine Learning Operating System Remote Computing Customer Service Patch Management Electronic Medical Records Unified Communications Consultation Flexibility Uninterrupted Power Supply Redundancy Mobility How To Printing Management Network Management Smart Technology Net Neutrality Computing Outlook Alert HIPAA Server Management MSP Content Filtering Permission History Comparison Alerts Enterprise Resource Planning Current Events Electronic Health Records Tracking Database Touchscreen IT Consulting Gadget Distributed Denial of Service Modem Legislation Augmented Reality Hard Drive Database Management Consulting Notes Corporate Profile Virus Authorization Trending Wireless Technology 5G Solid State Drives OneNote Financial Solid State Drive Unsupported Software Tech Support IT Technicians Geography Conferencing IT Budget Shared resources Websites G Suite Test Cabling 3D Printing Black Market Specifications IBM Mobile Projects Cyberattacks Voice over Internet Protocol Digital Data Breach Safety Managed IT Service Cookies Cache GDPR Managed Services Provider Computer Care PowerPoint WannaCry Google Drive Dark Data Computer Repair Crowdsourcing Hacker Social Networking Permissions Star Wars Options Employee-Employer Relationship Taxes Procurement Hard Disk Drive Firefox Mobile Data Notifications Mirgation High-Speed Internet Meetings OneDrive Statistics Social Engineering SharePoint Botnet Physical Security Mail Merge Staff Return on Investment Read Only Spyware Sports Technology Laws Break Fix Nanotechnology Shortcut Business Growth Hotspot Recycling Point of Sale Professional Services Avoiding Downtime Techology Black Friday Motherboard Wires Zero-Day Threat Fraud Utility Computing Wireless Internet Security Cameras Lenovo Migration Development Instant Messaging Manufacturing Search Bluetooth Downloads Dark Web Screen Reader WPA3 Disaster Address Operations Managing Stress Transportation Heating/Cooling Unified Threat Management Telephony Backup and Disaster Recovery Software Tips Technology Tips Automobile Language eWaste E-Commerce WiFi Virtual Assistant VoIP Time Management Network Congestion Disaster Resistance Cyber Monday Mobile Computing Employer/Employee Relationships Remote Worker Humor Superfish Chatbots Cables Finance Apple Hard Disk Drives Emoji Multi-Factor Security Data Warehousing Smart Tech Fleet Tracking Cybercrime Tech Terms Cortana IT Solutions Processors Spam Wearable Technology Enterprise Content Management Bookmarks Servers End of Support User Error Human Error USB Mouse Computing Infrastructure Bitcoin Features GPS Wasting Time YouTube Legal Proactive IT Education Law Enforcement Cost Management Proactive Maintenance Monitoring ROI Office Tips Personal Information Identity Authentication Google Maps Hacking Google Calendar Private Cloud Microsoft Excel Connectivity Asset Tracking Travel Theft Vulnerabilities Favorites Supercomputer Teamwork Update Printer Hiring/Firing Lithium-ion battery Error Cleaning Motion Sickness Emergency Fun Public Cloud Marketing Budget Competition Hard Drives Staffing IP Address Sync IT Consultant Hacks Printers CrashOverride Mobile Office Mobile Device Managment Domains Administrator Relocation Students Regulation Public Speaking Information Technology Presentation