Menu

Ransom Email With Your Password

An email is circulating that is causing concern for those who receive them.  The email’s subject line is your password you have used on a website, maybe lots or even all of them depending on your safety practices. Attention caught!  Next, it has your name as the sender…Hey, that’s my name and password!  Then it goes on with a very convincing story of breaking into your computer, capturing everything you have done and websites you have gone to. All generic statements with no specifics. Then, your heart stops when it says it turned on your web camera and it’s been secretly recording you.  They then threaten, how would you like your life ruined?  They have a various amount of threats in different emails, some will send it to your spouse, co-workers and some threaten to send it to law enforcement.  Oh my, even if you didn’t do anything to break the law, what in the world do they have on me?   Don’t worry, it’ll all go away if you pay the ransom… Or as some of our clients found out, they just ask for more money after you pay the first one.

GOOD NEWS, it’s all a scam to see if you have a guilty conscience.  They’ve never accessed your computer, the only thing they know about you, is what they bought off the dark-web.  If, like most all of us, you have been part of some companies breach of data, your information is available to anyone that will buy it.  (Sometimes, it’s even free.)  So in this email, all the scammer needed was a website that your password and email were stolen.  Things like name, phone number, street address are all bonus material to use, but it really only takes the password/email to scare many people into paying up.  If they know your email and have your password, well, that’s pretty real and rightfully so, it’s scary.  Slow your pulse down by remembering, they just sent this same email to thousands and possibly even millions of stolen email addresses.  If even a small fraction falls for it and pays the ransom, that is a large amount of money.  (Yes, that could be millions.)   So you understand why they are doing it.  These are lazy scammers, they simply bought an email/password list, which even included a sample email to send out.  So for $1000, you too can be a scammer and maybe fool people into sending you a lot of money for your only 15 minutes of work.

WHAT TO DO:  Nothing, nothing at all.  Do not reply to it, do not contact them in any way and obviously, don’t send them money.  You can click “Spam” and mark it as spam so that similar messages get marked and never show up.  The key is just understanding what it is and not falling for it.

Digicom has a Data-Breach Center on our website.  If you’d like to see what breaches your email has been part of and what data may be floating about the Dark Web, then visit the site at https://www.digicom.com/breach-information-center/ and enter your email into the “Data Breach Testing Tool” and it will return a list of breaches you are known to be in.  This list is constantly being updated with the latest breaches.

WHAT YOU CAN DO:  Stay proactive on changing your passwords and staying up on if that password has been breached.  DO NOT use the same password on multiple sites, if one gets breached, hackers will try that email/password in an attempt to get them into other accounts.  So if your email/password is the same on Facebook, Twitter and another site that was breached… The hackers will potentially have access to your Facebook and Twitter accounts and be able to take them over.