Blackmail mail

An example of an extortion email
A sextortion / blackmail email that was sent to us

These emails have been doing the rounds for a while, but recently we’ve seen more people come in to the shop after receiving an email like the one above.

What should I do?

The short answer is there’s little to worry about as emails cost almost nothing to send, they send the same email to hundreds of thousands of people in the hopes of even 1 person panicking and paying their ransom. Delete the email and change the password anywhere you’ve used it.

The longer answer is that they have at least one of your passwords so you need to change the password everywhere you’ve used it. It’s good practice to use a different password everywhere but it’s can be hard to keep track of them all. I personally use a password manager like Bitwarden or Lastpass. This means you only have to remember one really good password and let the password manager generate and remember the rest.

How did they get my password?

In this day and age, everywhere we go on the internet they want you to sign up in order to use their services. Some of those places secure things better than others, and unfortunately websites are getting broken in to all the time exposing their users information.

Sometimes they only get your email address and will add you to spam lists that you can never get off of. There are of course worse breaches such as credit card details, private emails, or medical records, but the most common breach is email addresses, sometimes first/last name and often times a password.

To see if your details have been included in a data breach you can go to security researcher Troy Hunt’s Have I Been Pwned website and enter your email address. It will show you what websites your email address was included in.

What does the email look like?

An example of an extortion email

PASSWORD is your password. Lets get straight to the purpose. You may not know me and you are probably wondering why you are getting this e-mail? Not one person has compensated me to investigate about you.

Well, I actually placed a malware on the adult streaming (pornographic material) site and do you know what, you visited this website to have fun (you know what I mean). When you were viewing videos, your browser initiated operating as a Remote Desktop that has a key logger which provided me accessibility to your screen as well as webcam. Right after that, my software gathered your entire contacts from your Messenger, social networks, and e-mailaccount. Next I created a double-screen video. First part shows the video you were viewing (you have a good taste lmao), and next part shows the view of your web camera, & its you.

You have 2 solutions. We will understand each one of these solutions in particulars:

First alternative is to skip this email. In that case, I will send out your actual video to every bit of your personal contacts and thus think concerning the shame you can get. Moreover if you are in an affair, just how it can affect?

Second option will be to compensate me $5000. I will call it a donation. Subsequently, I most certainly will straightaway erase your videotape. You could resume your daily ro utine like this never happened and you are never going to hear back again from me.

You’ll make the payment by Bitcoin (if you do not know this, search for “how to buy bitcoin” in Google).

BTC Address: 14Sd6LJeXonk3sgJ3wmpYrn4sk3adaYC6Q
[CASE SENSITIVE copy & paste it]

If you are planning on going to the law, anyway, this email message cannot be traced back to me. I have dealt with my moves. I am just not looking to charge you a huge amount, I would like to be paid for.

You have one day to make the payment. I’ve a unique pixel in this e-mail, and right now I know that you have read this mail. If I don’t receive the BitCoins, I will definately send your video to all of your contacts including family members, coworkers, etc. Nevertheless, if I do get paid, I will destroy the video right away. If you want to have evidence, reply with Yea & I will send out your video recording to your 15 contacts. It’s a non-negotiable offer and thus please don’t waste mine time & yours by replying to this email.

Got Backups? Get them before you need them!

Examples of computer storage

We all know we should have backups, but few of us actually do. I’ve heard it many times from customers bringing their computer in to the shop. “I know I should have backups, but I hadn’t gotten around to it”, or “I’ve never had a problem so I haven’t needed to backup”.

Backups are like insurance. You never want to need it, but you want to have them just in case.

The often touted gold standard backup strategy is 3:2:1. That is, 3 copies of your data, 2 locally on different devices (external USB hard drive, USB flash drive, DVDs, etc) and 1 off-site, possibly a hard drive that you keep at a friend or family member’s place, or an employees in the case of business backups. It’s also very easy these days to use a “cloud” backup provider and keep your data safely in their data centre. Companies like BackBlaze offer offsite backup for US$5 per month per computer.

That’s great for the offsite backup, but while you may be happy to wait for 1TB of family photos to download to the new hard drive after the old one dies, you’ll be less happy waiting for your important business and tax files to download. This is where the 2 local backup sources come in.

At Static I.T. we have a NAS (Network Attached Storage) box that all of our computers back up to daily. Our 2 copies are on the original computer and on the NAS. If a hard drive develops the click of death, we’re back up and running within the hour by quickly restoring from that backup.

But what about those who only have a single computer or don’t have space for a NAS? There is no shortage of software that can back up your computer to an external hard drive. The software we use will backup your computer whenever you plug the drive in, and disconnect it once the backup is finished. No more having to remember to plug the drive in for the 5pm Friday backup, or leaving it plugged in and having in encrypted by ransomware if you open the wrong email.

If you don’t have backups, give us a call and we’ll set up reliable and easy to use backup solution for you. It’s not as expensive as you think, and it’s a lot cheaper than data recovery.