What to do if you receive an email indicating a hacker has your password

Recently, a client received an email that is pretty darn scary.  Let me include the email here and a few bits of information that I think will help anyone that also has this problem.

This is the email…


Hello!

I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from xxx@xxxxxx.com on moment of crack: xxxxxx

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to …

I will not do this if you pay me a little amount.
I think $856 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1BncH5WxBSYJ6mmcJC9bCRxQ6Z1evvtRxk

If you have difficulty with this – Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen – all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

And then there was this one that came shortly after…

hello, my sacrifice.

THIS IS MY LAST WARNING!

I write you because I attached a trojan on the web page withpornography which you have viewed.
My trojan captured all your personal info and turned on your camera whichrecorded the process of your wank. Just after that the trojan saved yourcontact list.
I will delete the compromising video and data if you pay me 700 EURO inbitcoin.

This is wallet address for payment :

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX I give you 30h after you view my message for making the transaction.
As soon as you view the message I’ll know it immediately.
It is not necessary to tell me that you have paid to me. This wallet address is connected to you, my system will erased automatically after transfer confirmation.
If you need 50h just Open the calculator on your desktop and press +++
If you don’t pay, I’ll send dirt to all your contacts.     
Let me remind you-I see what you’re doing!
You can visit the police office but anybody can’t help you.
If you try to deceive me , I’ll see it immediately!
I don’t live in your country. So they can’t find my whereabouts even for 9 months.
bye. Don’t forget about the shame and to ignore, Your life can be destroyed.

This is pretty scary, right?

The “hacker” seems to have your password or at least one that used to be your password!  It is RIGHT THERE in the email!   What’s more, the hacker seems to have sent you this email from your own email account!

Some of these emails even come with attachments: DON’T OPEN ANY ATTACHMENTS!  If you do, then the hacker could get access to your computer if he did not already have access.

Well, let me first give you a caveat:  I cannot diagnose an email or any problem I have not personally looked at, so don’t take what I am about to say as a diagnosis for you’re problem – if this is similar to your situation.

Now, having said that, let me run down a few possibilities for you:

  • Your password was legitimately hacked from your computer and they do have access to your information… this is the most dire of all the scenarios, but not very likely and should be diagnosed by a professional.
  • Your information was hacked from a company that was breached.  You hear about these fairly often now, but the information that was gathered is generally used for a different purpose – namely selling on the dark web or an actual account/identity theft.
  • Your information was sold on the dark web and purchased by your extortionist.  (A consequence of  the second bullet and most likely the case with emails such as these.)

Once again I want to tell you that if you find yourself in a situation such as this, you need professional help.  I’m not talking about your cousin who “knows a lot” about computers.  I mean a computer professional who knows what he is doing with and how to diagnose and advise about matters to do with computer and data security issues.

What’s at risk?

Your information, is not just a bunch of random bits anymore.  Your activity for purchases, browsing on social media, the internet, Google searches, and even your physical location through your cell phone are traceable and are being traced, data mined, and sold.

Your identifiers (would they become compromised) could be used to open new accounts without even setting foot in a bank.  A hacker can open a new checking account online in your name and lend legitimacy to any claim of identity.

Further, your information can be used to gain access to even more information and accounts that could be used to “hack other humans” into naively handing over even more information… it’s called social engineering, and it is a far more prevalent threat than someone “hacking into your computer.”

What do I do if this scenario applies to me?

In future articles (arriving daily), I will outline what you should do if this email or one of the scenarios above applies to you.  I will also drop links in this article to those tips.

Above all else, don’t panic, but do have a sense of urgency about correcting what went wrong and making sure you have done all you can to prevent a breach from happening.

Don’t pay anyone anything.  Let’s say you did do something shameful and they have the information on you.  This isn’t the movies.  Criminals and exploiting predators don’t have a conscience or a moral compass.  Whether or not they decide to release the information they may or may not have is entirely up to whether or not they have eaten a bowl of cereal in the last 30 minutes.  Seriously.  You cannot trust that they are going to honor their extortion terms or that they won’t come after you again later on if you do pay now.  Just don’t do it.  -ekiN 

Curious about what data is out on the dark web?

You can find out what has been published.  Experian, the credit reporting agency has a service that scans (what they know of) the dark web and reports if any of your information is out there.  Here is the link: https://www.experian.com/consumer-products/free-dark-web-email-scan.html

Just keep in mind, the dark web is a constantly changing mass of data exchange.  It is amorphous and cannot be completely scanned, but what data Experian does report IS out there and it IS useful.

Change all passwords associated with any email addresses as well as accounts that use that same email address.

Consider setting up a spam email account to register accounts that you are unsure of.

Protect yourself from future attacks.

The most important thing you can do for yourself now to protect your personal computer is to:

  1. Get antivirus and malware scanning software on your computer.
  2. Regular backups should be implemented… real backups – not the Windows system restore feature.
  3. Do regular maintenance on your software/OS/data
  4. Get password management software
  5. Get paranoid about sharing any data or activity with any app or software
  6. Get educated about how to protect yourself against phishing attacks like this one and others.
  7. Implement a data privacy plan.

Folks that don’t have an “IT guy” on contract should get one:  look at it this way – you pay insurance for your car, right?   Maybe you have a service plan for your lawn, your car (maintenance, inspections, etc.).  You pay insurance on your house, right?  You pay for health insurance, life insurance… what is wrong with paying “computing insurance” when so much (credit cards, bank accounts, data and loss of photos, etc.) is at stake?  No solution is fool-proof, but no protection at all is an open door for anyone seeking to violate your data integrity.

Contact Covenant Computing now for help.

Start a New Service Ticket