Question

I received Blackmail, what should I do?

This is the email message that I received. I think it may be real, the writer of the message is too concise with his wording. The grammar is not garbled but very clear. I woke up this morning and opened this email not knowing that it had this message. Because I opened it the message says that there is a 48 hour "timer" that will go off. I can't find the sender because it is sent from my own email. I reseted my router and scanned the computer I used to open the email (I have a couple of computers, three: one school, a desktop which has windows xp 32-bit service pack 3, and a gaming computer with a native os windows 7 but updated a few years ago to windows 10). If you need any more information about what I did and some more about my circumstances just let me know and I will type in all that I know (within reason of course). Is it real, or just an email spoof? If its real what should I do? This is a school email that I received the blackmail on.


Hello!

I have very bad news for you.
09/08/2018 - on this day I hacked your OS and got full access to your account xxxxxxxxxxx

So, you can change the password, yes... But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $771 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 182PJESsEWbuJ8PEgfM58p64jbok3i1gNU

You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".

I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (this is not feasible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just do my job.
Good luck.

Discussion is locked
Answer
Follow
Reply to: I received Blackmail, what should I do?
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: I received Blackmail, what should I do?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Answer
Re: blackmail
- Collapse -
I think I've seen that as well on other PCs.

We just tell them to delete and NEVER answer such emails.

These scams only work if you pay.

- Collapse -
Answer
Spam

Report it as spam or phishing

- Collapse -
Answer
Social Engineering Scam
THIS IS A SCAM - NOTHING WAS COMPROMISED

I realize this is an old forum post but I thought it was important to update this thread with a definitive answer. I work in cybersecurity and received this email today. While it was obviously bogus to me, I decided to Google some key phrases to see how others reacted to it. Sadly, it appears the OP was scared enough to pay the "hacker" off judging by the blockchain logs. I sincerely do not want to shame the OP, but I do feel it's important to clarify why this was only a scam and absolutely nothing more.

Let's look over a few things about the email:

1. Your email address can be spoofed. Just because it says it came from your email address does not literally mean it did. A simple way to verify this is to check your 'Sent' folder. If it's not there, it wasn't sent from your address... it was spoofed. A more technical way to do this would be to check the email headers directly. Additionally, most email providers will allow you to check access logs for any suspicious login activity.

2. Despite what the OP says, this email is not concise. It's incredibly vague so as to apply to virtually anyone. Does it identify the OS? Does it identify the make and/or model of your router? Does it provide any information that only you would know (e.g. phone numbers, file data, etc.)? Nope. It makes no sense for the attacker to not supply specific information. After all, the attackers goal is to make you believe you've been compromised.

3. Is there a motivation for the attacker to have you to act fast and not think things through? Absolutely. That's a giant red flag. There is some legitimate ransomware that will require you to act fast, but the vast majority will first do something to prove its legitimacy (e.g. by encrypting your data and displaying a message telling you to pay by X date in order to recover your files).

4. A variation of this attack involves including your password in the email. That might seem like proof but all that indicates is that your email was compromised at some point in time. A lot of "hackers" will rely on email/pw lists. If you get an email like this with your past or current password, simply change it and ignore the email.

In conclusion, this is nothing more than a confidence scam. We all go occasionally go to those websites. Unless you're an adult film star, chances are you'd also be extremely embarrassed if your activity got leaked to family/coworkers/friends. Thus, the attacker is relying on this embarrassment to provoke you to send him money or else the whole world will know that you're a "BIG pervert".

On a side note, I'm really sorry you got taken advantage of OP. While it stinks to get scammed, at least a valuable lesson can be learned from it going forward. To everyone else, IGNORE UNSOLICITED EMAILS AND LEARN FROM OPS MISTAKE.
- Collapse -
Answer
A Phishing Scam

This email is a spoofed phishing scam. If you view the Original (the header), you will be able to find the real source of the message. However, it is important to just delete the message without responding to it or opening any links in it. You should also report this phishing scam to your email provider and change your password, too. When deleting this message, it is best to delete it from the Trash folder. This way, the email will be completely deleted from your email account.

CNET Forums