I got a ransomware email


#1

It was sent from my email and used an old password from years ago.

Here is the text from it:

Hello!

I’m a member of an international hacker group.

As you could probably have guessed, your account personal emaill address removed by mod was hacked, because I sent message you from it.

Now I have access to you accounts!

For example, your password for personal info removed by mod is (old password from years ago)

Within a period from July 7, 2018 to September 23, 2018, you were infected by the virus we’ve created, through an adult website you’ve visited.

So far, we have access to your messages, social media accounts, and messengers.

Moreover, we’ve gotten full damps of these data.

We are aware of your little and big secrets…yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know…

But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!

I think you are not interested show this video to your friends, relatives, and your intimate one…

Transfer $800 to our Bitcoin wallet: 1CMQMKmvT4hz2k2ijyxVxN7fHS62K7uQ7z

If you don’t know about Bitcoin please input in Google “buy BTC”. It’s really easy.

I guarantee that after that, we’ll erase all your “data” :slight_smile:

A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount.

Your data will be erased once the money are transferred.

If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.

You should always think about your security.

We hope this case will teach you to keep secrets.

Take care of yourself.

1: they don’t have my current password.
2: I never watch porn.
3: They did use my email as the sender.

Obviously I am not sending them any money. But who do I report this to? What else can I do?

I am going to fully back up my computer immediately and get a new password even though it’s clear they don’t have it.


Negotiating this updated forum, a couple of questions
Negotiating this updated forum, a couple of questions
#2

Its a scam you can ignore. Basically they are trying to trick you using a familiar password breached from another service, such as LinkedIn.

Unlike previous ransomware emails that would infect your computer and encrypt your data, this one does nothing.


#3

Let’s start with some good HitchHiker advice:
Don’t Panic.

Your choice not to pay in this case is probably a good one. There’s some clear signs of bluffing going on here: “The timer will start the moment you read this message” : incredibly unlikely for instance (sure read receipts exist, but they don’t always work and they’d be exposing themselves to risk).
The claim to have recorded you while doing things is also pretty unlikely. Webcams have record lights and they’re incredibly difficult to disable (though it is possible in some rare cases).
Then of course you say you don’t watch porn.

If I had to guess, you probably used your email and your old password for some other service (myspace, linkedin, etc.) which was hacked. And they’re just doing a driveby scaring. You can probably confirm that here:

Backing up your computer is a great idea.
Changing all your passwords is great idea.
Making a different password for each service is what you should do, and for that reason you should use a password manager.

You can report the email scam here:
https://www.ic3.gov/complaint/default.aspx

It won’t do anything for you specifically. But potentially maybe perhaps the perpetrators can be caught, though if it does happen you probably won’t know.

It’s unlikely you have been infected with malware, but obviously you should have some sort of A/V in use and you have it run scans.

If you’re on Windows 10, then Windows Defender is probably good enough.


#4

Thank you to you both; this confirms my sense of things. Of course I do keep all security and programs fully updated and don’t use the same password twice and I do update them, change them. All they had was a very old password that I only used for my email account. It has since been changed many many times over.

I’m fairly sure my email was compromised when that pw was in effect, as it’s a yahoo account and yahoo was breached at that time. I was warned it was compromised and made a new and much stronger password immediately before it could be hijacked as my husband’s had been earlier that year. I will check the links provided however and also report the scam. Thanks for those; it’s what I needed.

I just ran scans with my security programs and they came up clean.


#5

Don’t be tensed. I get nearly 2-3 spam mail in every hour. Just close the eyes and click the delete all button.

If you open your email account in Chromium it will show the sender when you hover the cursor upon that email (without opening the mail).


#6

There is spam, and then there was this; nasty. (Since my email provider got sold this year, the amount of spam ending up in my spam file has exploded from 1 or 2 a day to over 100 a day.)

I can hover over any email without opening it too in Firefox to see who is sending it, but as I stated, in this case it showed my own email as the sender.

But in letting it sit for a while, it came to me that if it had been genuine, wouldn’t my files already be encrypted and I’d have to pay to get the key to unencrypt them? Another clear indicator this is phishing.


#7

I have an active thread on ransomware going and I wanted to edit my op as I inadvertently included my email in it in copying the text from the threatening email, to remove it. I got a ransomware email

I see the editing feature is gone now for that post and I can find no way to access PM to notify a moderator to help me fix this, nor can I access my account. Where are they located now?


#8

Users are able to edit their posts for a limited amount of time - I believe it’s about eight hours, although I’m not exactly sure.

After that time, you will be unable to make any changes to your post.

I wend back to your original post and took out the personal email addresses, while leaving the rest alone.


#9

Thank you, I do appreciate it.


#10

Still shows up in the edit history though. Can mods also edit the edit history?


#11

Good question.

Also where do I access my account and personal messages?


#12

Click on your icon on the upper-right when you are logged in - you can access your account via that menu.


#13

Not sure what you mean by that


#14

Click on that pencil icon. You’ll see that OPs email address is still visible for anyone to see. That’s why I asked if mods can modify the edit history, since removing personal information from the post doesn’t seem to delete it from the edit history.


#15

Now I see it. It’s those tiny icons above all the notifications. I had thought that tab was just the notifications.


#16

I see what you mean. I’m going to bring this to the attention of the senior Mod, who may have more info about this.

FYI - I am not able to edit that history - but there may be a way we can hide it. Thanks for bringing it to our attention.


#17

#18

Thank you and thanks for moving this to PMs. I really appreciate it.


#19

#20

Sorry - that was a mistake on my part.

PM’s are usually for specific questions or problems. I’ve reopened the thread to public, but I’ve also notified the senior Mod - who will provide more input when he gets a chance.