Blackmail mail

An example of an extortion email

These emails have been doing the rounds for a while, but recently we’ve seen more people come in to the shop after receiving an email like the one above.

What should I do?

The short answer is there’s little to worry about as emails cost almost nothing to send, they send the same email to hundreds of thousands of people in the hopes of even 1 person panicking and paying their ransom. Delete the email and change the password anywhere you’ve used it.

The longer answer is that they have at least one of your passwords so you need to change the password everywhere you’ve used it. It’s good practice to use a different password everywhere but it’s can be hard to keep track of them all. I personally use a password manager like Bitwarden or Lastpass. This means you only have to remember one really good password and let the password manager generate and remember the rest.

How did they get my password?

In this day and age, everywhere we go on the internet they want you to sign up in order to use their services. Some of those places secure things better than others, and unfortunately websites are getting broken in to all the time exposing their users information.

Sometimes they only get your email address and will add you to spam lists that you can never get off of. There are of course worse breaches such as credit card details, private emails, or medical records, but the most common breach is email addresses, sometimes first/last name and often times a password.

To see if your details have been included in a data breach you can go to security researcher Troy Hunt’s Have I Been Pwned website and enter your email address. It will show you what websites your email address was included in.

What does the email look like?

An example of an extortion email

PASSWORD is your password. Lets get straight to the purpose. You may not know me and you are probably wondering why you are getting this e-mail? Not one person has compensated me to investigate about you.

Well, I actually placed a malware on the adult streaming (pornographic material) site and do you know what, you visited this website to have fun (you know what I mean). When you were viewing videos, your browser initiated operating as a Remote Desktop that has a key logger which provided me accessibility to your screen as well as webcam. Right after that, my software gathered your entire contacts from your Messenger, social networks, and e-mailaccount. Next I created a double-screen video. First part shows the video you were viewing (you have a good taste lmao), and next part shows the view of your web camera, & its you.

You have 2 solutions. We will understand each one of these solutions in particulars:

First alternative is to skip this email. In that case, I will send out your actual video to every bit of your personal contacts and thus think concerning the shame you can get. Moreover if you are in an affair, just how it can affect?

Second option will be to compensate me $5000. I will call it a donation. Subsequently, I most certainly will straightaway erase your videotape. You could resume your daily ro utine like this never happened and you are never going to hear back again from me.

You’ll make the payment by Bitcoin (if you do not know this, search for “how to buy bitcoin” in Google).

BTC Address: 14Sd6LJeXonk3sgJ3wmpYrn4sk3adaYC6Q
[CASE SENSITIVE copy & paste it]

If you are planning on going to the law, anyway, this email message cannot be traced back to me. I have dealt with my moves. I am just not looking to charge you a huge amount, I would like to be paid for.

You have one day to make the payment. I’ve a unique pixel in this e-mail, and right now I know that you have read this mail. If I don’t receive the BitCoins, I will definately send your video to all of your contacts including family members, coworkers, etc. Nevertheless, if I do get paid, I will destroy the video right away. If you want to have evidence, reply with Yea & I will send out your video recording to your 15 contacts. It’s a non-negotiable offer and thus please don’t waste mine time & yours by replying to this email.