For our web design business Apexweb LTD we have run our own dedicated servers for over twenty years and offered email accounts as part of our website hosting services for our customers.
One of the biggest problems with running an email server is dealing with the huge amounts of spam and junk emails which are received every day.
Our email server software filters a huge amount of the spam but a small amount will always get past the filters.
Over the past few months we have noticed an increase in the number of bitcoin scams and bitcoin extortion messages which are using old passwords which have been obtained via data breaches to try to extort money in bitcoin in return for not sending a fake video of the user watching adult content to their contacts and family.
The spoofed emails are written to appear to have come from your own email address but this is not true.
I often have calls from friends and family who have received who have received this type of email and are worried that they have been hacked or their computer taken over.
An example reads:
XXXXXXX is your pass. Lets get directly to the point. None has compensated me to check you. You may not know me and you are probably thinking why you're getting this email?
Well, i installed a malware on the xxx videos (sex sites) site and there's more, you visited this web site to have fun (you know what i mean). While you were viewing video clips, your browser started out operating as a RDP with a keylogger which gave me access to your display as well as cam. immediately after that, my software program gathered every one of your contacts from your Messenger, FB, as well as e-mail account. and then i made a double-screen video. First part shows the video you were watching (you've got a fine taste hahah), and 2nd part displays the recording of your webcam, & its you.
There are two different alternatives. We are going to explore each one of these possibilities in particulars:
First solution is to dismiss this email message. in this case, i will send out your recorded material to just about all of your personal contacts and also just consider concerning the shame you can get. Not to forget if you happen to be in an important relationship, just how it would affect?
Next option would be to give me USD 987. We are going to think of it as a donation. Then, i most certainly will quickly delete your video. You could resume your life like this never happened and you are never going to hear back again from me.
You will make the payment through Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google).
BTC address: 1AVSEj7UKjadhWCjcPcC1mbS5VVv89Hvgb
[case SeNSiTiVe, copy & paste it]
if you are looking at going to the law enforcement, very well, this email can not be traced back to me. I have dealt with my actions. i am also not looking to charge a fee a whole lot, i would like to be paid. e-mail if i do not get the bitcoin, i definitely will send your video recording to all of your contacts including friends and family, colleagues, and many others. However, if i receive the payment, i'll destroy the recording right away. If you want to have evidence, reply with Yup! and i will send your video to your 10 contacts. This is a nonnegotiable offer, therefore don't waste mine time and yours by replying to this mail.
You may not know me and you are probably wondering why you are getting this e mail right
Im a hacker who cracked your devices a few months ago
I sent you an email from YOUR hacked account
I setup a malware on the adult vids porno website and guess what you visited this site to have fun you know what I mean
While you were watching videos your internet browser started out functioning as a RDP Remote Control having a keylogger which gave me accessibility to your screen and web cam
after that my software program obtained all of your contacts and files
You entered a passwords on the websites you visited and I intercepted it
Of course you can will change it or already changed it
But it doesnt matter my malware updated it every time
What did I do
I created a doublescreen video 1st part shows the video you were watching youve got a good taste haha and 2nd part shows the recording of your web cam
Do not try to find and destroy my virus All your data is already uploaded to a remote server
Do not try to contact with me
Various security services will not help you formatting a disk or destroying a device will not help either since your data is already on a remote server
I guarantee you that I will not disturb you again after payment as you are not my single victim This is a hacker code of honor
Dont be mad at me everyone has their own work
exactly what should you do
Well in my opinion 795 USD is a fair price for our little secret Youll make the payment by Bitspancoin if you do not know this search how to buy Bitspancoin in Google
My Bitspancoin walspanspanlet Address
It is cAsE sensitive so copy and paste it
You have 48 hour in order to make the payment Ive a facebook pixel in this mail and at this moment I know that you have read through this email message
To track the reading of a message and the actions in it I use the facebook pixel
Thanks to them Everything that is used for the authorities can help us
If I do not get the Bitspancoins I will certainly send out your video recording to all of your contacts including relatives coworkers and so on Having said that if I receive the payment Ill destroy the video immidiately
If you need evidence reply with Yes and I will certainly send out your video recording to your 6 contacts It is a nonnegotiable offer that being said dont waste my personal time and yours by responding to this message
Where is the data coming from?
Many of the email addresses and passwords which are appearing in these scam emails are from old data breaches and you can check if your email address is in any breaches by checking on the https://haveibeenpwned.com/ website.
How can you protect yourself?
- Firstly do not reply to these emails or send the scammers any money. If you reply you will confirm that the scammer has sent the email to a working email address and you will often get a lot more scams and junk emails.
- If the password in the email is one you currently use change it as soon as possible on all affected websites and services.
- Do not use the same password on multiple websites.
- Use a password manager.
Using a password manager allows you to easily login to websites using unique passwords for each site or service and have a single master password for you to remember.
There are many different password managers available, but the following are the most popular.