Well, it’s another day, and that means yet another dangerous scam from times past is making the rounds yet again.
This scam is called the “This Account Has Been Hacked” scam, and it’s back to spreading like crazy via regular email.
Although there are very slight variations in the wording and the types of claims being made in the emails, the scam typically works like this:
You receive an email from someone claiming to be a hacker who has taken control of both your computer and your email account.
In most of the scam messages the scammer claims that your computer became infected with a virus that allowed him to take photos and/or capture video of you with your own webcam while you were visiting an “adult” website.
The scammer then attempts to blackmail you by saying he will send the photos and/or video he recorded of you watching the adult videos to all of your email contacts, family and friends unless you send him some large amount of cash via Bitcoin.
As “proof” that he has hacked into your computer he points out that he “sent” the scam email to you from your own email address – and in some cases he’ll even include one of your old passwords that he retrieved from the dark web.
Here is the text of one of these scam emails so you’ll know exactly what to look out for:
Email subject line:
“This account has been hacked! Change your password right now!“
Email text:
“– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.
I guarantee you that I will not disturb you again after payment, as you are not my single victim. This is a hacker code of honor.
Don’t be mad at me, everyone has their own work.
exactly what should you do?
Well, in my opinion, $1000 (USD) is a fair price for our little secret. You’ll make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).
My Bitcoin wallet Address:
[Bitcoin address redacted]
(It is cAsE sensitive, so copy and paste it)
Important:
You have 48 hour in order to make the payment. (I’ve a unique pixel in this e mail, and at this moment I know that you have read through this email message).
To track the reading of a message and the actions in it, I use the facebook pixel.
Thanks to them. (Everything that is used for the authorities can help us.)
If I do not get the BitCoins, I will certainly send out your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I receive the payment, I’ll destroy the video immidiately.
If you need evidence, reply with “Yes!” and I will certainly send out your video recording to your 6 contacts. It is a non-negotiable offer, that being said don’t waste my personal time and yours by responding to this message.”
Pretty scary stuff, I know. But don’t worry, it’s all a scam and you’ll be just fine as long as you don’t send the scammer any money.
If you receive an email like this DO NOT respond to the scammer in any way.
DO NOT send him any money and DO NOT worry that he might really have hacked into your computer and email account or taken any photos or captured any video of you with your webcam.
Rest assured that none of those things actually happened. The entire email is a scam, from start to finish.
If you’re wondering how the scammer managed to send the email from your own email account without hacking into it, the answer is simple: He didn’t.
The scammer actually sent the email from his own email account but he spoofed YOUR email address to make it appear that the email was sent to you from your own account.
So how did the scammer get your email address in the first place?
Well, there are several methods scammers use to collect email addresses of prospective victims. Here are the two most common methods:
1 – The scammers use bots to “scrape” email addresses from websites (primarily social media sites and personal blogs).
2 – The scammers purchase lists of harvested emails from other scammers.
3 – You were the victim of a successful phishing attempt.
Regardless of how the scammer managed to get your email address, the result is the same. You’ll receive scam emails attempting to blackmail you into sending the scammers your hard-earned money.
Don’t fall for it. Simply delete any scam emails that happen to land in your inbox and don’t worry about it. The scammer has no “dirt” on you and he did not hack into your computer and email account.
One important caveat: If the scammer included one of your actual old passwords in the email that means he likely retrieved it from a list of compromised passwords that he found on the dark web.
If you have already changed your password from the one mentioned in the email you can simply ignore the scam message with no worries.
However, if you are still using that same compromised password on your account you should change it right away AND enable Two-Factor Authentication on the account.
Bottom line: What makes this scam so dangerous is the amount of money you’ll be throwing away if you fall for the scam and pay the ransom. Don’t fall for it!