Widespread "Sextortion" malicious email campaign

If you've been one of the many unlucky enough to get a malicious email that includes a password - one that you've ever used - for an online account, don't panic and whatever you do, don't give the perpetrator any money !

The email will be some variation of:

"I'm aware, <password here>, is your pass word. You do not know me and you are probably wondering why you are getting this e-mail, correct?

Let me tell you, I placed a malware on the adult vids (porno) site and you know what, you visited this website to have fun (you know what I mean). While you were watching video clips, your web browser began operating as a RDP (Remote Desktop) having a keylogger which gave me accessibility to your screen and webcam. Right after that, my software program gathered your entire contacts from your Messenger, social networks, and email.

What you do need to do, is check all of your online accounts where (or if) you've used that password, and go reset it right now. Be sure to choose a new, unique and secure password that you will not re-use anywhere else :-)

And then stopy worrying, mostly. If you're not prone to panic, check that email (and any others you've used for any online accounts) at https://haveibeenpwned.com

You can read more about this scam here:

https://medium.com/@Kathleen_M_Ryan/learn-from-my-stupidity-157f3922ef4c

and here:

https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/

Last but not least, contact us if you want our help to ensure that you and your computer(s) and online accounts are as secure as can be.

Published July 12, 2018 by David Haines,

coresolutiongroup.com

(413) 584-5115

Background header image for this piece by Artem Bali on Unsplash