I do know, ********, is your pass word. You may not know me and you are probably thinking why you are getting this email, right? In fact, I setup a malware on the adult vids (pornography) web-site and do you know what, you visited this site to have fun (you know what I mean). While you were watching video clips, your web browser initiated operating as a RDP (Remote Desktop) with a key logger which gave me accessibility to your display and webcam. Immediately after that, my software program obtained your entire contacts from your Messenger, social networks, as well as email. What did I do? I created a double-screen video. First part displays the video you were viewing (you've got a good taste rofl), and 2nd part displays the recording of your web camera. What should you do? Well, I believe, $1900 is a fair price tag for our little secret. You will make the payment via Bitcoin (if you don't know this, search "how to buy bitcoin" in Google). BTC Address: ********************************** (It is cAsE sensitive, so copy and paste it) Important: You now have one day to make the payment. (I have a special pixel in this email message, and right now I know that you have read this email message). If I don't get the BitCoins, I will definately send out your video recording to all of your contacts including relatives, coworkers, and so on. Having said that, if I do get paid, I'll destroy the video immidiately. If you need proof, reply with "Yes!" and I will send your video to your 8 contacts. It is a non-negotiable offer, that being said please don't waste my time and yours by replying to this mail.When I examined the HTML of the message, I noticed that the text was broken up with a comment, specifically <!-- tyler -->, every 3-6 characters. I then had a good laugh at the claims and the “method of compromise” along with the data taken. At this point, it’s worth pointing out for those that are unaware that nearly everybody has a username/email and password on a breach list somewhere. Some people are embarrassed when they learn their username and password has been compromised, but we live in a day and age when it is unavoidable. You have no control over the security precautions used by various web sites, and all too often websites are breached and login credentials and stolen. With all the websites with which we’ve registered, it's more than likely that your credentials have been stolen and tried on other websites. You can easily see if you appear on any breach lists with a quick search of Have I Been Pwned. I recognized this as a scam immediately and ignored it. I received the email on July 10th and noticed it on July 22nd, so this email scam has been going around for at least a few weeks. More recently, my aunt posted on Facebook that she had received a similar message. I asked her to forward it to me and, sure enough, it was almost identical. But it was clearly reworded. Interestingly, her forward (with no additional text) showed up in my inbox, while the original had made it into my spam folder, and she isn’t in my contact list. Here’s the email, again with spelling mistakes and all (and an actual password masked by asterisks).
I know ********* one of your pass word. Lets get right to the point. You may not know me and you are probably wondering why you're getting this e-mail? No-one has compensated me to check about you. actually, I actually placed a malware on the 18+ videos (pornography) web-site and do you know what, you visited this web site to experience fun (you know what I mean). While you were watching videos, your internet browser started working as a Remote Desktop that has a key logger which provided me with access to your display screen as well as web cam. Immediately after that, my software gathered every one of your contacts from your Messenger, social> networks, and e-mailaccount. Next I made a video. First part displays the video you were viewing (you've got a nice taste ; )), and next part displays the view of your webcam, yea its you. You got two different choices. Why dont we understand these solutions in particulars: First choice is to skip this e mail. In that case, I will send your very own video to all your your contacts and also imagine about the shame you feel. And definitely in case you are in a relationship, how this will affect? Number 2 choice should be to compensate me $7000. Let us name it as a donation. As a consequence, I most certainly will promptly eliminate your video footage. You could go on with your life like this never took place and you would never hear back again from me. You will make the payment via Bitcoin (if you don't know this, search for "how to buy bitcoin" in Google search engine). BTC Address: ************************************* [case-SENSITIVE, copy & paste it] If you may be wondering about going to the police, very well, this email message cannot be traced back to me. I have covered my steps. I am just not trying to ask you for money so much, I simply want to be rewarded. You have one day to make the payment. I've a special pixel in this e-mail, and now I know that you have read this mail. If I don't get the BitCoins, I will certainly send out your video recording to all of your contacts including close relatives, coworkers, and so forth. However, if I receive the payment, I'll erase the video immediately. It's a non-negotiable offer, and thus do not waste mine time & yours by responding to this e-mail. If you want evidence, reply Yeah & I will send out your video to your 11 contacts.The bitcoin addresses were different, and I was amused by the slight wording and formatting changes. Additionally, and this may just be a coincidence given the small sample set, the email I received was from someone with the initials “CH,” while my aunt’s was from a sender with the initials “HC.” In both cases, the email subject was [username] – [password], and the username matched the email username (likely because they were looking for accounts where the username was an email address). One insulting thing was that my aunt’s password was worth $7000, while mine was only worth $1900. To reiterate, when you see an email like this, as long as you already changed your passwords following a breach, the sender has nothing. If you have not changed your password, they may have access to that account. It is a good idea to sign up for breach notifications with a service like Have I Been Pwned to ensure you know when one of your accounts appears in the wild. It’s also important to remember that we live in a time where password breaches are as common as having a morning coffee or going to sleep at night. Use proper password hygiene and the risk associated with a data breach will be minimized. You can find plenty of lists online, but I’ll leave you with the two I feel are most important.