There is a new Sextortion scam going on claiming that scammers have installed malware on your computer and contains your real password
There is a new Sextortion scam going on claiming that scammers have installed malware on your computer and contains your real password.According to reports the email states they have your password and victim’s computer was infected with malware while he visited a porn site.The attacker also claims he has recorded videos of victim visiting the porn site using the webcam and threatens to release the videos to all your contacts unless the victim pays a bitcoin ransom.The emails read as follows:
I’m aware that xxxxxxx is your password, You don’t know me and you’re thinking why you received this e mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.
What exactly did I do?
I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).
What should you do?
Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).
BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT
Important:
You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.
Even Though the email is just a scam and attacker doesn't have any videos of recipients, but the email contains the real password used by the recipient making it more convincing for the recipients to fall for the scam. The password will be either recipient current password or formerly used password which in some cases goes back to ten years older passwordsAccording to Brian Krebs scammers may have got the password any one of the data breaches happened in the last decade.“I suspect that as this scam gets refined, even more, perpetrators will begin using more recent and relevant passwords — and perhaps other personal data that can be found online — to convince people that the hacking threat is real. That’s because there are a number of shady password lookup services online that index billions of usernames (i.e. email addresses) and passwords stolen in some of the biggest data breaches to date.” said in the post published by Brian Krebs.In case if you have received this email, this is just a scam, and they do not have malware installed on your computer and videos of you, but if you are still using the password mentioned in that email, you are advised to change it immediately.