A rather freaked out new user

I got an email yesterday and it has me still shaken quite a bit so I am pasting it below. The big thing that has me freaked out is that the password was correct, even though it was extremely old I did edit it out of this post (along with my email address) the rest is all a copy and paste of what they sent me, the grammar was so bad I know its a scam/blackmail attempt. But like I said it has me scared due to them having one of my passwords even though it’s so old and no longer in use for years and years. Any tips or suggestions on looking into where it was sent from or am I SoL in having any action brought against them?

Franny Mcwhirter [email protected];

Wed 12/5/2018, 8:41 AM

I‌ do‌ kno‌w ************* i‌s yo‌ur passphrases. L‌ets g‌et strai‌ght to th‌e po‌i‌nt. No‌body ha‌s co‌mp‌ensated m‌e to ch‌eck you. You do‌ not kno‌w m‌e and yo‌u ar‌e pro‌ba‌bly thinki‌ng why yo‌u ar‌e getti‌ng thi‌s ‌e mai‌l?

L‌et me t‌ell yo‌u, i‌ a‌ctua‌lly i‌nsta‌ll‌ed a‌ ma‌lwa‌r‌e o‌n the 18+ str‌ea‌mi‌ng (po‌rno‌graphi‌c ma‌teri‌a‌l) web site and do‌ you kno‌w what, yo‌u vi‌sit‌ed thi‌s w‌eb si‌t‌e to ‌exp‌erienc‌e fun (you know what i m‌ean). Whi‌le yo‌u w‌er‌e vi‌‌ewi‌ng video‌ cli‌ps, yo‌ur bro‌ws‌er sta‌rt‌ed o‌ut o‌perating a‌s a RDP wi‌th a‌ k‌ey lo‌gger whi‌ch provided m‌e wi‌th a‌cc‌essi‌bility to‌ your display a‌s well a‌s ca‌m. Just a‌ft‌er tha‌t, my so‌ftwa‌r‌e pro‌gra‌m ga‌ther‌ed a‌ll yo‌ur conta‌cts fro‌m your M‌ess‌eng‌er, FB, a‌nd ‌e-mai‌la‌cco‌unt. N‌ext i‌ cr‌ea‌t‌ed a‌ doubl‌e vi‌deo. Fi‌rst pa‌rt sho‌ws th‌e vi‌d‌eo‌ yo‌u w‌er‌e wa‌tchi‌ng (yo‌u ha‌v‌e a‌ fine ta‌st‌e ha‌ha‌), a‌nd s‌eco‌nd pa‌rt sho‌ws th‌e vi‌ew o‌f your w‌ebca‌m, yea‌h i‌ts yo‌u.

You go‌t only 2 cho‌ic‌es. We sho‌uld r‌ea‌d ea‌ch of th‌ese o‌pti‌o‌ns i‌n d‌etai‌ls:

1st o‌pti‌on i‌s to‌ i‌gno‌re this ‌emai‌l m‌essa‌g‌e. i‌n such a cas‌e, i‌ mo‌st c‌erta‌i‌nly wi‌ll s‌end yo‌ur a‌ctual vi‌deota‌p‌e to‌ a‌ll o‌f your perso‌nal co‌nta‌cts and thus just co‌nsi‌der co‌nc‌erni‌ng th‌e humi‌li‌ati‌on yo‌u ‌exp‌eri‌ence. Do‌ no‌t fo‌rget if yo‌u a‌r‌e i‌n a‌ r‌ela‌ti‌o‌nshi‌p, ho‌w i‌t i‌s go‌i‌ng to‌ affect?

La‌tter soluti‌o‌n i‌s to‌ pa‌y m‌e USD 1596. L‌et us rega‌rd i‌t a‌s a‌ do‌na‌ti‌on. Subs‌equ‌ently, i wi‌ll pro‌mptly r‌emo‌ve yo‌ur vi‌d‌eo r‌eco‌rding. Yo‌u ca‌n conti‌nu‌e on your da‌i‌ly ro‌utin‌e li‌k‌e this nev‌er happ‌en‌ed a‌nd yo‌u will not h‌ea‌r back a‌ga‌i‌n fro‌m m‌e.

Yo‌u wi‌ll mak‌e the pa‌yment thro‌ugh Bi‌tco‌i‌n (i‌f you don’t kno‌w thi‌s, search fo‌r ‘ho‌w to‌ buy bit‌co‌i‌n’ in Goo‌gle).

B‌TC a‌ddr‌ess to‌ s‌end to‌: 154ZEydveoi2fSqVnQNMwXx7BU4G9yjVhG
[Ca‌Se-s‌ensiti‌v‌e so‌ copy and pa‌ste i‌t]

if you ha‌v‌e b‌e‌en wo‌nd‌ering a‌bo‌ut go‌i‌ng to‌ the la‌w, lo‌o‌k, thi‌s ‌ema‌il m‌essa‌g‌e ca‌nno‌t be tra‌ced back to m‌e. I ha‌v‌e ta‌ken ca‌re o‌f my acti‌o‌ns. i‌ am a‌lso‌ no‌t lo‌o‌ki‌ng to‌ charg‌e a fe‌e a‌ lot, i‌ si‌mply pr‌efer to‌ b‌e co‌mpensat‌ed. Yo‌u ha‌v‌e t‌w‌o da‌ys i‌n o‌rder to‌ ma‌k‌e th‌e pa‌ym‌ent. i‌ ha‌v‌e a‌ sp‌ecifi‌c pi‌x‌el wi‌thi‌n thi‌s ema‌i‌l, and now i‌ kno‌w tha‌t yo‌u hav‌e r‌ead thi‌s ‌ema‌i‌l m‌essa‌g‌e. i‌f i‌ do‌n’t r‌ec‌ei‌v‌e th‌e B‌i‌tC‌oins, i d‌efi‌nitely wi‌ll s‌end out yo‌ur vi‌d‌eo to a‌ll o‌f yo‌ur co‌nta‌cts i‌ncluding clo‌s‌e r‌elati‌v‌es, co‌ll‌ea‌gu‌es, a‌nd ma‌ny oth‌ers. Ha‌vi‌ng sai‌d tha‌t, if i rec‌ei‌v‌e th‌e paym‌ent, i‌ wi‌ll ‌era‌se the vid‌eo‌ right a‌wa‌y. Thi‌s i‌s th‌e non:n‌ego‌ti‌a‌ble o‌ff‌er thus pl‌ea‌se do‌ no‌t wa‌st‌e mi‌n‌e tim‌e & yo‌urs by r‌eplying to this ma‌i‌l. i‌f yo‌u n‌e‌ed ‌evid‌enc‌e, r‌eply Yup! & i‌ defini‌tely wi‌ll send yo‌ur vid‌eo‌ r‌ecording to‌ yo‌ur 11 fri‌‌ends.

I’m guessing a site that you were registered on had its database leaked… If you use the same password on every site this could be how they got this information. If everything else they provided was fake I would just Change your password on any sites that you use along with the email account (If you haven’t already) and make sure you use a different password for every website you use. You should check this site to try and find any information on the subject of your email and password being leaked in a database breach . https://haveibeenpwned.com/

might wanna go with what SR said there and use something like LastPass to make strong encrypted passwords and use it as your password manager for chrome or firefox or even android and iOS

Yeah, that is my guess as well I started working towards my associate degree for IT Help Desk support just over a year ago. So I have smartened up a lot since then and changed a ton of my habits it was still a shock though seeing a password that was 7+ years old sitting in an email like that. One of my instructors talked about Enpass, 1Password, Dashlane, and LastPass so I started using one of those that day. And I was talking to one of them today about it and they said the same thing of setting up a new email account and purging all the things that are in the old one. Looks like that’s what my afternoon is going to be once I get home from work tomorrow.

Likely a scam but here we go anyway Well, you should change all your passwords use 2 factor and possibly a secondary device like an ipad with a msecure type of product password manager.

next you should log all communications with this person copy and screenshot and print everything the last guy I heard about doing this served prison time. Putting an injection on a website isn’t something everyone knows how to do. You definitely need to scan the computer see if any malware comes up I would create a new admin account assuming it is windows pc then a new email registered to that account and what not. I would delete the old windows accounts back up your files beforehand also once you do and you have scanned your computer with BitDefender and hitman pro use something like Clonezilla to image the os and drive. if it is a phone then it is easy enough to reset. Next, I would contact the website admin about a possible breach see what they say. Then I would email the guy back stating you have bitcoin but that you want to see the video he claims he has (Note I would never pay him) keep logs of all contact with him. There’s a good chance he is bluffing and he doesn’t have anything but your passwords if he does release a video it breaks international law but most of these things are just mass emails of compromised email passwords they send out to see who they can get to pay on a mass scale it is likely just a script he is reading off of. The BTC account has no money sent or received within the last 50 transactions 154ZEydveoi2fSqVnQNMwXx7BU4G9yjVhG | BitRef

If worse come to worse and he does have a file that he sends out it is not the end of the world which I doubt he has anything at all.

to add to this there is a number of folks that could do this my camera has been covered with duck tape and paper for about 7 years now and if you visit cam websites the major ones allows the girls to turn on your camera as part of the service.

That is creepy. The only two devices that I own that have a camera is my phone and my laptop that I use for work and school. The home desktop doesn’t have a camera on it even though I do stream the games I play no one needs to see my ugly mug though :).

yeah well there you have it but like i said above it is likely only a script he is reading

@ScammerRevolts @FrostbiteXZ Thanks to all 3 of you I have a better place to start, some stress removed, a lot of accounts to change the linked email address for contact, and a system to possibly reformat as a level of overkill to be safe. I truly do mean it Thank You all.

I’ve had the same email (from myself) being emailed to me every month about how my password was found and some guy trying to extort bitcoin from me otherwise he’ll post “the naughty stuff” ive been going to LOL.

Hello!

I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from [email protected] on moment of crack: ********

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to …

I will not do this if you pay me a little amount.
I think $853 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1BncH5WxBSYJ6mmcJC9bCRxQ6Z1evvtRxk

If you have difficulty with this - Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

I haven’t used that password since 2002.

script it is lol @ the grammar

Yeah I’ll just chime in to reiterate what others said, I’ve received this before including an old password of mine. I only used it like pre-2010, or on suuuuuper low-security sites who didn’t ask for mixed case / numbers / special characters. So I am sure one of them was breached and a big old password dump is somewhere on the deep web.

They probably linked it to your email because your email address was your username for one of these sites.

As for how they sent it from your email address, there’s always been ways to spoof an email address. I don’t know them, but I know there are ways (if they sent it from a GMail you would have received a notification that a new device logged in anyway).

I guess it has a name now I did not know what to call it but guess it is called sextortion

i would write back, Dear idiot! every Christmas as a present I send mass emails to all contacts of me pleasuring myself. I was glad to hear you were able to capture some footage for your Mother. If you can tell me my penis size I will give you jelly beans. If you can count the wrinkles on my sack (you know what I mean) I will send you a prune and walnut trailmix. How dare you see my penis and not give me an opinion? Sometimes I like to shove it in fruit on the bottom yogurt and feed it to small furry creatures that dwell in the meadows behind my house. Enclosed is a sisde by side picture of my penis and a popular Indian scammer. Please rate 1-10 on which one youd rather kiss. Not to be random but I have a strong urge to have intercourse with a garden gnome, they are sexy. Sincerely -Me

cover your camera for sure on any device.

ok i dont no what im doing , or even why i signed up for this theres no other place i can see to type other than to replie , i just thought you were cool david so i signed up , but like i said i dont no nothing about cpus

I completely agree. My family keeps tape or a band aide over cameras when not in use.

Sometimes an old school hardware solution is the best.

Test:wink:
I’m new here, too. Wanted to see if I could reply. Carry on:)