Just received a Hacking Threat by email

[WWGD]

TL;DR Summary

Someone sent me an email telling me they've hacked me. Not sure what to do

Here's an email I received today,
from

 

[WWGD]

Last part was:

 

[WWGD]

What can/should I do?
I'm fully legit, nothing to hide, never watched porn of any type , to be embarrassed.

 

[jack action]

Ignore.

I received this type of threat many times. They are just sending this email randomly to anyone and everyone, hoping someone will take the bait. You haven't been hacked in any way.

Even if they did hack you, I doubt such gentlemen would keep their end of the deal if you would pay.

 

[WWGD]

Yes, there's no evidence of any virus . Thanks.

 

[DaveC426913]

This is a common scam. Do nothing except report and delete.

 

[topsquark]

The owner of FreeMathHelp got such a message last year. They threatened to incapacitate the website and put all of his personal information on the web.

The good news: The owner never paid. The hackers got desperate, ruined a few things, and actually started pleading with the owner trying to get him to respond. So far as I can tell, they've given up.

The bad news: We can't contact the owner, either. We are praying that he's okay.

Still, these types of hackers are petty and really can't do that much unless they run into someone juicy.

-Dan

 

[OCR]

Someone sent me an email telling me they've hacked me.

How did they get your email address. . . any idea? .

.

 

[WWGD]

How did they get your email address. . . any idea? .

.

My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.

 

[OCR]

My best guess . . .

Copy that . . .
.

 

[PeroK]

Yes, there's no evidence of any virus . Thanks.

It's a complete bluff. If someone had hacked your devices, they wouldn't resort to an email that would possibly go to your junk folder.

Moreover, the text is generic. There's nothing specific to show that they know anything about you except your email.

You could report it to the police, as the perpetrator is commiting a serious criminal offence.

 

[vela]

My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.

It's more likely your email address was leaked through one or more of the numerous corporate breaches that have happened in the past.

 

[Tom.G]

Or, if you want to 'play' their game, reply to the email telling them to "prove it." Tell them to send you two or three of the files they grabbed and you then MAY consider their offer.

If you are in to playing mind games you can keep yourself, and them, entertained for a bit -- until they give up! After all, they have easier suckers to annoy.

Cheers,
Tom

p.s. Please keep us updated, we could all use a good laugh now and then.

BTW, emails have a return address embedded in the header that most email applications can display, it is easily hacked by the sender though so is not always accurate. What IS usually accurate is the route the email took thru the various computers (and countries) to get to you.

 

[WWGD]

I believe another possibility is that I have posted, submitted pics, attachments , and they used the associated metadata somehow. I submitted it by phone for a while, then I started getting texts from strange sources( I usually get spam phone calls, but not texts.). When I submitted such pics, attachments through my pc, I started getting emails like this one. Because I was not using end-to-end encryption, I believe.

 

[topsquark]

It wasn't anything illegal, but I was once approached by a company that said that my computer had been hacked and information sent out to the internet. They would (very helpfully) go into my system for me and fix the problems. Knowing better, I asked them to prove that they were legit. The conversation went something like this:
They said:
"Go into (ran me through a series of folders and into a file). This is the number you will see at the top of the file."

I said:
"But if you were the ones that hacked my computer, you would know that."

"No, we didn't hack your computer! We just want to go in and install a program that will search for all of you security problems, then we will fix them."

"I see. But, and please forgive me for continuing this thought, if you had only been able to exploit an insecurity in my system before wouldn't this just give you a chance to completely take over my computer? I can't give you access until I am sure that you aren't going to ruin my computer."

"We wouldn't do that. We are a computer security business."

"Ah! So you are offering to fix the security problems on my computer, and then I am going to be charged for it?"

"Well, the security program we are going to upload and run is going to find all of your security problems and we can talk about what needs to be fixed the most. According to our information you have many faults that someone has apparently created in your system."

"If I have that many faults, wouldn't it be simpler and safer to simply do a hard wipe on the drive and start over?"

"Oh no! That wouldn't fix anything. We can..."

(I stopped listening to anything they said after that and soon hung up. My brother-in-law in IT confirmed at any computer based security faults would indeed be cured by a hard wipe.)

They tried this three more times over the next several months.

I doubt that they were doing anything illegal, I think they were just trying to get me to purchase their security system, but it could easily have been someone trying to gain access.

You can't trust anyone or anything that says you are compromised. If you have any doubts, there are legitimate security companies you can contact that will run a check for you, both on your computer and on the net (for a moderate fee). You can find some by contacting Symantec (the company that runs Norton Security Suite) or McAfee.

-Dan

 

[Vanadium 50]

How did they get your email addres

They can just make them up and see which ones bounce.

I wonder how many replies they get like "I have no bitcoins to send you, but I know this Nigerian Princess who has millions..."

 

[DrJohn]

I got a phone call once that told me my computer had some major problems that they had detected over the last few weeks as they were calling from MS Security, and if I followed their instructions by looking at a certain feature that MS supply built in to Windows, I would see lots of errors, in red, that needed correcting to stay secure.

Intrigued, I decided to keep them on the phone and follow their instructions, and yes there were lots of errors marked in red!

They said I should download their software tool and they would sort things for me. I asked how long they'd been receiving error reports and they said it was because of a virus I received two weeks ago.

When I said this is a new computer I received yesterday (true) and it hasn't been on the internet yet, they got most upset. And called me a scammer. Then I said no, my job is a security consultant advising people about scammers. And when I added that my company tracks where their call is coming from, by keeping them on the phone for a while, they said a rude word or five and hung up. I don't track scammers, but that one usually works quite well.

What was interesting was the errors were real, dozens of them, on a brand new computer. But google revealed they were very common on any new computer (and old ones too, of course) and occurred when installing new software! And it also said just ignore these errors. So the scammers had a way of frightening almost anyone who follows their instructions to see the "problems" they will solve. They solve them by deleting the entries in the list, but then their software now has access to your computer.

My advice about the email? Delete it. It's a scam.

 

[BWV]

My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.

more likely is some website that had your email was hacked - which is why you should not reuse passwords across accounts. Assume every old email / password combination you have ever used is out there on the dark web

 

[Hornbein]

And called me a scammer.

Whew! "Some people really have a lot of nerve." -- The Roches.

 

[FactChecker]

Yes, there's no evidence of any virus . Thanks.

Does that mean that you did a scan? That is worth doing regularly, whether you get a threat or not. I do monthly scans before doing a backup. I don't know if that is enough, but the scans (Norton) have never found anything. I was hit by a virus once about 15 years ago.

PS. If your information (email, etc.) is not out there being sold, you are probably the only person in the country like that. I can tell when mine has been sold again by the fact that I get about 20 virtually identical emails in a day trying to get information from me. I just delete them all.

 

[DaveC426913]

The owner of FreeMathHelp got such a message last year. They threatened to incapacitate the website and put all of his personal information on the web.

The good news: The owner never paid. The hackers got desperate, ruined a few things, and actually started pleading with the owner trying to get him to respond. So far as I can tell, they've given up.

OK, hang on.

You seem to be talking about a bona fide attack (and one that must have succeeded if they could actually do any damage). I think those are relatively rare enough that private individuals will generally never see one.

As far as I understand, what WWGD and most of us receive is totally phishing - a complete and utter bluff there is zero teeth behind it.

 

[WWGD]

Well, now I'm not just getting phishing/scam emails, but also scam texts. Britanny from Ukraine wants to meet me. Wait, a Ukrainian woman named Brittany? What's next, Janet from Mongolia?

 

[Vanadium 50]

Pablo is Japanese. It's Boleslaw who is Mongolian.

 

[topsquark]

OK, hang on.

You seem to be talking about a bona fide attack (and one that must have succeeded if they could actually do any damage). I think those are relatively rare enough that private individuals will generally never see one.

As far as I understand, what WWGD and most of us receive is totally phishing - a complete and utter bluff there is zero teeth behind it.

Yes, the FreeMathHelp attack was real. But, fortunately, they didn't seem to be all that good at it. And they clearly weren't expecting the guy to not respond to them. The damage should be repairable if the owner comes back and restores a backup of the forum software. Only, no one can find the guy!

Yeah, what happened to WWGD seems pretty low key.

-Dan

 

[jack action]

I got mine last Friday! It was in my spam folder:

Hi there!

I am a professional hacker and have successfully managed to hack your operating system.
Currently I have gained full access to your account.

In addition, I was secretly monitoring all your activities and watching you for several months.
The thing is your computer was infected with harmful spyware due to the fact that you had visited a website with porn content previously.
╭ ᑎ ╮

Let me explain to you what that entails. Thanks to Trojan viruses, I can gain complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on the camera as well as microphone at any point of time without your permission.
In addition, I can also access and see your confidential information as well as your emails and chat messages.

You may be wondering why your antivirus cannot detect my malicious software.
Let me break it down for you: I am using harmful software that is driver-based,
which refreshes its signatures on 4-hourly basis, hence your antivirus is unable to detect it presence.

I have made a video compilation, which shows on the left side the scenes of you happily masturbating,
while on the right side it demonstrates the video you were watching at that moment..ᵔ.ᵔ

All I need is just to share this video to all email addresses and messenger contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history.

I believe you would definitely want to avoid this from happening.
Here is what you need to do - transfer the Bitcoin equivalent of 610 USD to my Bitcoin account
(that is rather a simple process, which you can check out online in case if you don't know how to do that).

Below is my bitcoin account information (Bitcoin wallet):
16U9wzzbUBDTf6CQFiwd9a9vfpkaC6QwhK

Once the required amount is transferred to my account, I will proceed with deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 days +).
I will receive a notification right after you open this email, hence the countdown will start.

Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.

Have a nice day!

 

[Vanadium 50]

Send Dudley Do-Right!*

* A cartoon Mountie, at one time banned in Canada.

 

[PeroK]

I got mine last Friday! It was in my spam folder:

This is the brave new world where crypto currencies replace traditional banks, without it seems any curbs or sanctions against serious criminal activity.

 

[topsquark]

Send Dudley Do-Right!*

* A cartoon Mountie, at one time banned in Canada.

Some trivia: Unknown to many, Dudley Do-Right was banned due to a lawsuit from a firm owned by Snidely Whiplash!

It's a fact.

-Dan

 

[Vanadium 50]

When will this end? Well, probably when the crooks go after the wrong guy.

In the late 70s, a fellow named Tony "Big Tuna" Accardo was burglazrixed. His occupation? Um..."Legitimate Businessman". He didn't even have a lock on his door -who would dare steal from Tony "Big Tuna" Accardo?

Someone did. And that winter, the police kept finding bits and pieces of the gang that did it all over town. And by bits and pieces, I mean bits and pieces.

Someday someone will attempt to scam one of these Legitimate Businessmen. And then they will be "made a 'zample of."

 

[WWGD]

My brother received an email threat similar to mine. The day after mine. I survived the threat, still thinking on whether I should try to humiliate the sender.

 

[BWV]

I got mine last Friday! It was in my spam folder:

Looks like the scammer already had 2 suckers- there is $1200 in the wallet

https://www.blockchain.com/explorer/addresses/btc/16U9wzzbUBDTf6CQFiwd9a9vfpkaC6QwhK

 

[jack action]

Looks like the scammer already had 2 suckers- there is $1200 in the wallet

https://www.blockchain.com/explorer/addresses/btc/16U9wzzbUBDTf6CQFiwd9a9vfpkaC6QwhK

View attachment 329600

That is why I put mine in plain text in my post. Somebody might look up the email in a search engine and end up here, learning it is not a serious threat.

 

[jack action]

This is the brave new world where crypto currencies replace traditional banks, without it seems any curbs or sanctions against serious criminal activity.

For all I know, traditional banks haven't stopped criminal activities in any way.

 

[PeroK]

For all I know, traditional banks haven't stopped criminal activities in any way.

Banks are, at least in theory, governed by the law and banking regulations. It's unlikely that you'll wake up one morning to find your bank account empty. And, even if you do, there is a legal process available.

If someone steals your bitcoin, AFAIK, it's gone and you have no means of redress, legal or otherwise.

If the blackmailer's account in this case was with a regular bank, the account could be frozen.

 

[BWV]

TL;DR Summary: Someone sent me an email telling me they've hacked me. Not sure what to do

Here's an email I received today,
from

View attachment 329477View attachment 329478

Only on transaction on this wallet on 7/19 (prior to the email), so fortunately no takers

 

[Vanadium 50]

For all I know, traditional banks haven't stopped criminal activities in any way.

Maybe in Canada. (Although I gave never thought of Canada as a baking haven) In the US, banks are requried to report suspicious activities. Certainly this has caught more than a few criminals - including at least one case when stolen cash was deposited with the band (with the bank's name on it) still on the packs of bills.

 

[WWGD]

Only on transaction on this wallet on 7/19 (prior to the email), so fortunately no takers

View attachment 329602

So you believe he actually did hack into my account?

 

[BWV]

So you believe he actually did hack into my account?

No, its a scam

 

[jack action]

Banks are, at least in theory, governed by the law and banking regulations. It's unlikely that you'll wake up one morning to find your bank account empty. And, even if you do, there is a legal process available.

If someone steals your bitcoin, AFAIK, it's gone and you have no means of redress, legal or otherwise.

If the blackmailer's account in this case was with a regular bank, the account could be frozen.

Maybe in Canada. (Although I gave never thought of Canada as a baking haven) In the US, banks are requried to report suspicious activities. Certainly this has caught more than a few criminals - including at least one case when stolen cash was deposited with the band (with the bank's name on it) still on the packs of bills.

So criminality is stopped outside Canada because of banks? Because we still have criminality in Canada and even well-organized criminal groups. All I see is a more complicated life for the common citizen and the more naive ones (we all been one at one time or another) still fall for cons that are only adapted to the new reality.

Although I gave never thought of Canada as a baking haven

You should taste my cupcakes!

 

[jack action]

So you believe he actually did hack into my account?

This is not your money, it is someone else's who received the same email as yours, fell for the scam, and paid.

 

[Vanadium 50]

Sorry, Canada is a baking haven. Timmy's!

I meant banking.

However, if you require anti-crime measures to stop every single crime, we should dispense with door locks. And police.

 

[jack action]

we should dispense with door locks. And police.

A door lock - like blocking certain emails I received - is a measure I use to protect myself ... if I want one ... when I feel I need one.

Police - like banking regulations - is something imposed on me ... all the time ... whether I like it or not.

If the door lock works, the police is not needed.

And the police cost something, is not always helpful when the door lock fails (or worst is inexistent because one relies solely on the police), and always ends up complicating our day-to-day routine.

The moral is that it is better to learn locksmithery than rely on somebody else to guard your stuff.

 

[Rive]

The moral is that it is better to learn locksmithery than rely on somebody else to guard your stuff.

Layered defense...

Regarding that scam: a really lame, basic attempt. What I got even had one of my dummy passwords exposed as proof of personal attention

 

[jack action]

It's a good thing I don't worry about those emails because I got another one today in my spam folder with a slightly different text:

Hi!

I regret to inform you about some sad news for you.
Approximately a month or two ago I have succeeded to gain a total access to all your devices utilized for browsing internet.
Moving forward, I have started observing your internet activities on continuous basis.

Go ahead and take a look at the sequence of events provided below for your reference:
Initially I bought an exclusive access from hackers to a long list of email accounts (in today's world, that is really a common thing, which can arranged via internet).
Evidently, it wasn't hard for me to proceed with logging in your email account ([email address removed]).

Within the same week, I moved on with installing a Trojan virus in Operating Systems for all devices that you use to login to email.
Frankly speaking, it wasn't a challenging task for me at all (since you were kind enough to click some of the links in your inbox emails before).
Yeah, geniuses are among us.

Because of this Trojan I am able to gain access to entire set of controllers in devices (e.g., your video camera, keyboard, microphone and others).
As result, I effortlessly downloaded all data, as well as photos, web browsing history and other types of data to my servers.
Moreover, I have access to all social networks accounts that you regularly use, including emails, including chat history, messengers, contacts list etc.
My unique virus is incessantly refreshing its signatures (due to control by a driver), and hence remains undetected by any type of antiviruses.

Hence, I guess by now you can already see the reason why I always remained undetected until this very letter...

During the process of compilation of all the materials associated with you,
I also noticed that you are a huge supporter and regular user of websites hosting nasty adult content.
Turns out to be, you really love visiting porn websites, as well as watching exciting videos and enduring unforgettable pleasures.
As a matter of fact, I was not able to withstand the temptation, but to record certain nasty solo action with you in main role,
and later produced a few videos exposing your masturbation and cumming scenes.

If until now you don't believe me, all I need is one-two mouse clicks to make all those videos with everyone you know,
including your friends, colleagues, relatives and others.
Moreover, I am able to upload all that video content online for everyone to see.
I sincerely think, you certainly would not wish such incidents to take place, in view of the lustful things demonstrated in your commonly watched videos,
(you absolutely know what I mean by that) it will cause a huge adversity for you.

There is still a solution to this matter, and here is what you need to do:
You make a transaction of 620 USD to my account (an equivalent in bitcoins, which recorded depending on the exchange rate at the date of funds transfer),
hence upon receiving the transfer, I will immediately get rid of all those lustful videos without delay.
After that we can make it look like there was nothing happening beforehand.
Additionally, I can confirm that all the Trojan software is going to be disabled and erased from all devices that you use. You have nothing to worry about,
because I keep my word at all times.

That is indeed a beneficial bargain that comes with a relatively reduced price,
taking into consideration that your profile and traffic were under close monitoring during a long time frame.
If you are still unclear regarding how to buy and perform transactions with bitcoins - everything is available online.

Below is my bitcoin wallet for your further reference:
15Aq9jP5ATC5baaYuh8CU3iyQegDnsaDWT

All you have is 48 hours and the countdown begins once this email is opened (in other words 2 days).

The following list includes things you should remember and avoid doing:
>> There's no point to try replying my email (since this email and return address were created inside your inbox).
>> There's no point in calling police or any other types of security services either. Furthermore, don't you dare sharing this info with any of your friends.
If I discover that (taking into consideration my skills, it will be really simple, because I control all your systems and continuously monitor them)
your nasty clip will be shared with public straight away.
>> There's no point in looking for me too - it won't result in any success. Transactions with cryptocurrency are completely anonymous and untraceable.
>> There's no point in reinstalling your OS on devices or trying to throw them away. That won't solve the issue,
since all clips with you as main character are already uploaded on remote servers.

Things that may be concerning you:
>> That funds transfer won't be delivered to me.
Breathe out, I can track down everything right away, so once funds transfer is finished,
I will know for sure, since I interminably track down all activities done by you (my Trojan virus controls all processes remotely, just as TeamViewer).
>> That your videos will be distributed, even though you have completed money transfer to my wallet.
Trust me, it is worthless for me to still bother you after money transfer is successful. Moreover, if that was ever part of my plan, I would do make it happen way earlier!

We are going to approach and deal with it in a clear manner!

In conclusion, I'd like to recommend one more thing... after this you need to make certain you don't get involved in similar kind of unpleasant events anymore!
My recommendation - ensure all your passwords are replaced with new ones on a regular basis.

The fun thing about this one: It actually tells you how to respond to that email:

There's no point to try replying my email
There's no point in calling police or any other types of security services either
There's no point in looking for me too
There's no point in reinstalling your OS on devices or trying to throw them away

See, there's no point in reacting to the email in any way! Just ignore it!

Inflation is really bad because the demand has increased by $10.

On a sadder note, there is already $610.90 in the Bitcoin account.

It is funny how every text conveys the same message but in slightly different wording. I wonder if each text is AI-generated? Maybe this is how Skynet is financing its revolution?

 

[Bandersnatch]

You know what I find curious? That they always ask for around 600 bucks. How did they arrive at this figure and why is it so consistent across the different emails?
Did they hire a socio-economist to determine the amount most likely to bring in the highest returns?
Did they do some polling work among the potential scammees?
Did they run test scams to get some empirical data to help them zero in on what's best (are these the test scams)?
Or is it more like the senders are all working from the same dorm room or sweatshop somewhere in Kuala Lumpur or Ouagadougou - the same place that used to have all those Nigerian princes chained to typewriters - and just shouting across cubicles asking what to put in there?

What is the process here, I wonder.

Also, I remember receiving this kind of scam some years ago, not long after the dial-up era. By snail mail.

 

[.Scott]

I got a phone call once that told me my computer had some major problems that they had detected over the last few weeks as they were calling from MS Security, and if I followed their instructions by looking at a certain feature that MS supply built in to Windows, I would see lots of errors, in red, that needed correcting to stay secure.

I got that same phone call from "MS Security" last year.
So they gave me careful instructions on how to fix the problem.
They told me to log in, open a browser, go to a particular site, and more.

Things did not work out as they expected. I didn't have a Windows system in my home at that time - so when I responded back to them, it was based on what I would have expected a Windows system to do if I was actually logging on, etc. It was fun - but eventually they got frustrated. They ultimately recognized that I was simply too stupid to accurately follow their instructions.
However, I did add their URL to the hosts file on my Ubuntu system - directing it to 127.0.0.1.More recently, the parent of a coworker died, so we were looking for the obit to find out whether flowers or a charitable contribution was being suggested. I never found the obit, but when I opened one obit site that looked potentially helpful, it asked me to prove I was not a robot by hitting the "allow" button. Of course, I preferred to be treated as a robot.

 

[topsquark]

Oh! Then I'm safe! When they crack into my records they'll see that I don't actually have $600 to pay them.

-Dan

 

[.Scott]

This is not your money, it is someone else's who received the same email as yours, fell for the scam, and paid.

Yes. And if you paid them within their specified 2-day period, they would be able to recognize that payment as coming from you.
I expect that that would result in another email from them with more bad news - worse news. Something like: "Oh my! We've had more time to look at some of these email files and we really can't let you off the hook so easily...".

 

[Vanadium 50]

there is already $610.90 in the Bitcoin account.

Seed money.

That they always ask for around 600 bucks. How did they arrive at this figure and why is it so consistent across the different emails?

You could always undercut them: "Bandersnatch's Discount Spam & Scam"

 

[Bandersnatch]

'Don't fall for those expensive scammers! Our organically sourced scams are virus-free and start as cheap as 300 trillion Zimbabwean dollars! But wait, there's more! Only today: fall for OUR scam within the next 24 hours and you'll receive another scam completely free of charge*!'

*terms and conditions apply[/size]