Blackmail email - Shows a recent password?

jrw666

Level 2
Thread author
Verified
Oct 24, 2016
61
Hi, I got the following email in my junk mail....

"This is important information for you!

Some months ago I hacked your OS and got full access to your account xxxxxx@hotmail.co.uk
On day of hack your account xxxxxxx@hotmail.co.uk has password: xxxxxxxxx

So, you can change the password, yes.. Or already changed... But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability. I used it...
If you interested you can read about it: CVE-2019-1663 - a vulnerability in the web-based management interface of the Cisco routers.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full backup of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts)."

They then go on about me viewing shocking porn, blah blah blah.

My only concern is the password they mention is one I would have used, although I cannot recall which site I would have logged in with it. It's not my Windows password.

My security setup it Emsisoft AM & browser security, OSArmour and adwcleaner on demand.

Scans report clean. I guess they got my details from the site, not my system as they claim?
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
  • Report as Phishing
  • Block sender
212944


Turn on Account security
https://support.microsoft.com/en-gb/help/12408/microsoft-account-how-to-use-two-step-verification
 

Anon2406

New Member
May 2, 2019
1
I got exactly the same mail on Tuesday. Normally I easily spot phishing scams from a mile off but this one got me for a second! Never seen anything with my password on it before...however a quick google led me to realise the passwords retrieved from data leaks from large companies. I used this website : Have I Been Pwned: Check if your email has been compromised in a data breach , to double check that my password had been leaked and sure enough it had, ironically giving me some relief. Would recommend using it as found it very interestesting. You can search using your email and also any passwords you may have used.
 

Anon011

New Member
May 4, 2019
2
I got the same email last night. It honestly scared the sh*t out of me. I have an Anxiety Disorder and it ties in with Paranoia. Now I’m anxious to see if anything happens tomorrow night- as that’s when the supposed 48 hours runs out.

The bit that worried me was when they said they hacked into the Camera and have taken the photos of me and stuck them all together.

Trying to reassure myself that it’s nothing...
 
  • Like
Reactions: shmu26

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
I got the same email last night. It honestly scared the sh*t out of me. I have an Anxiety Disorder and it ties in with Paranoia. Now I’m anxious to see if anything happens tomorrow night- as that’s when the supposed 48 hours runs out.

The bit that worried me was when they said they hacked into the Camera and have taken the photos of me and stuck them all together.

Trying to reassure myself that it’s nothing...
Follow the advice of @Anon2406 just above you. It is a scam and try to relax.
 

Kogurre

New Member
May 6, 2019
2
My mother got the same email, she was obviously quite distressed. Actually she got two. One with the password empty, other with her old password. Someone was trying to access her Instagram account a couple months back, and she changed the passwords. So the scam doesn't have the new one months after the change, which I suspect is related. Though her e-mail address is NOT on haveIbeenpwned. Which is a little worrying, because I was hoping the password was just leaked in one of the big hacks.

A small giveaway about this being fake is that she uses her phone very often, but is rarely on the PC. The e-mail specifically mentions adult sites and recording the camera. Well, none of our PC's have cameras anyway. Even if one might have adult history, but let's not talk about that.

The part with the router vulnerability got me worried, especially since some sites talk about this email as if it was an actual trojan, but no PC's of ours seem to be infected. I'm pretty sure that if they wanted a ransom and had a trojan installed, I would find out about that in a way far more obvious than an email in the spam inbox. Also, neither I nor my father got these e-mails, and we are the ones with PC's she might have used at some point. We would be the obvious targets if someone accessed these PC's.

So yeah. Bit worried, but there are a lot of holes in the story. I'm guessing it's safe to ignore?
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
My mother got the same email, she was obviously quite distressed. Actually she got two. One with the password empty, other with her old password. Someone was trying to access her Instagram account a couple months back, and she changed the passwords. So the scam doesn't have the new one months after the change, which I suspect is related. Though her e-mail address is NOT on haveIbeenpwned. Which is a little worrying, because I was hoping the password was just leaked in one of the big hacks.

A small giveaway about this being fake is that she uses her phone very often, but is rarely on the PC. The e-mail specifically mentions adult sites and recording the camera. Well, none of our PC's have cameras anyway. Even if one might have adult history, but let's not talk about that.

The part with the router vulnerability got me worried, especially since some sites talk about this email as if it was an actual trojan, but no PC's of ours seem to be infected. I'm pretty sure that if they wanted a ransom and had a trojan installed, I would find out about that in a way far more obvious than an email in the spam inbox. Also, neither I nor my father got these e-mails, and we are the ones with PC's she might have used at some point. We would be the obvious targets if someone accessed these PC's.

So yeah. Bit worried, but there are a lot of holes in the story. I'm guessing it's safe to ignore?

Seems like you worked out the relevant concerns. They said they have camera access when there are no cameras (this is the best way to protect yourself anyway, always cover your camera when not in use). Also the password is old. Haveineenpwned is a great resource, but there are constant breaches that haven’t been documented. She could have fallen for a phishing email or something at some point, which doesn’t seem to matter if it’s an old password no longer in use. They feed on planting the seed of doubt. I’d say you’ve done a good job keeping it cool.

The part with the router vulnerability got me worried

Did you research the exploit they reference? Is your router even one that is vulnerable to this exploit?
 

Kogurre

New Member
May 6, 2019
2
Did you research the exploit they reference? Is your router even one that is vulnerable to this exploit?

Yeah. These appear to be a couple of hardware firewalls and a router. The thing is, I have a fancy router with the branding of my ISP, which could be rebranded. But I don't think it's that specific Cisco one anyway.

The thing is, when you Google the vulnerability, there are "security" sites that claim it's used to install a dangerous trojan, and you should install/buy their software to get rid of it. These people are no better than the scammers sending out these e-mails.

Also, I looked up the bitcoin address used in the spam e-mails. Already been flagged for fraud. Though it does have 7 transactions for around $600-$800. Unfortunately.
 
  • Like
Reactions: blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
Fraud and scams are everywhere. It’s easy to scare people with a vulnerability that bad.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top