We have seen a sharp uptick in this latest Phishing exploit and we wanted to make you aware.
We have started seeing and hearing about a new email phishing exploit that has the recipient of the emails understandably concerned.
These emails appear to come from a legitimate contact from within their organization or from a trusted email contact. The email claims to have ‘hacked’ the user’s account and that they have been actively watched for a period of time. Here is an example of this email:
I’m a member of an international hacker group.
As you could probably have guessed, your account [Email Redacted] was hacked, I sent message you from it.
Now I have access to you accounts! You still do not believe it?
So, this is your password: [Password Redacted] , right?
Within a period from July 5, 2018 to September 21, 2018, you were infected by the virus we’ve created, through an adult website you’ve visited.
So far, we have access to your messages, social media accounts, and messengers.
Moreover, we’ve gotten full damps of these data.
We are aware of your little and big secrets…yeah, you do have them. We saw and recorded your doings on porn websites. Your tastes are so weird, you know..
But the key thing is that sometimes we recorded you with your webcam, syncing the recordings with what you watched!
I think you are not interested show this video to your friends, relatives, and your intimate one…
Transfer $700 to our Bitcoin wallet: [Bitcoin Wallet Redacted]
I guarantee that after that, we’ll erase all your “data”
A timer will start once you read this message. You have 48 hours to pay the above-mentioned amount.
Your data will be erased once the money are transferred.
If they are not, all your messages and videos recorded will be automatically sent to all your contacts found on your devices at the moment of infection.
You should always think about your security. We hope this case will teach you to keep secrets.
Take care of yourself.
Your account has not actually been hacked, but this new exploit is sophisticated enough that it is bypassing SPAM filters. What we have seen through research and security emails/boards is that the passwords/emails were ‘harvested’ during a prior security breach.
We are asking for all end users to check the password provided, and if they have any accounts with that password, to change it immediately. Also, we ask that you run your email address through this site to see if it has been flagged on any previous breaches. And lastly, we are asking you to delete these emails.
Go to: haveibeenpwned.com and typing in your email address. It will likely come back with the fact that you’ve been part of a data breach that includes your email address and password.
Now under no circumstances should you pay up. The main reasons are that not only does it make the scammers want to keep doing it, but because many BitCoin exchanges or ATMs do not require you to verify your identity. Thus there’s no way for the scammer to tie you to the money that they could get from you. Which means that they have no way to delete the data that they allegedly collected if you pay them. Which means that they’re lying about having data on you. Thus never pay them a single cent.
In regards to the use of the webcam to record the victim; it is possible to remotely take over a webcam in a laptop, so if you are the least bit worried about it, you can cover your laptop camera with tape. Or you can disable it entirely. Ditto for the microphone as well.
Unfortunately we have seen a large increase in phishing schemes, so ask that you remain vigilant. If an email looks suspicious, it very likely is.