The New Email Scam - Your Password in the Subject Line!

Email scams are nothing new. If you've had an email address for a while, you probably get several each day from Nigerian princes, Russian brides, would-be "employers" and "credit card companies".

I've seen it all, and you probably have, too.

The other day, I was checking the spam box of my email when my heart skipped a beat. My old password- the one I used to use for everything- was right there in the subject line! The email read something like this:

I know [YOUR PASSWORD] is your passphrase. Lets get directly to the purpose. Nobody has paid me to check about you. You do not know me and you're most likely thinking why you are getting this e-mail?
In fact, I installed a software on the xxx streaming (p*rnographic material) web-site and you know what, you visited this web site to experience fun (you know what I mean). When you were watching video clips, your browser initiated operating as a Remote control Desktop that has a key logger which gave me access to your screen and webcam. Right after that, my software program obtained your complete contacts from your Messenger, FB, and e-mailaccount. Next I made a double video. First part shows the video you were watching (you have a fine taste lmao), and second part displays the recording of your web cam, yea its u. 
You actually have just two solutions. We will study each one of these possibilities in aspects: 
1st solution is to just ignore this message. Then, I am going to send out your videotape to each one of your contacts and thus visualize about the shame you experience. Furthermore if you happen to be in a committed relationship, just how it will affect?
Number two solution is to compensate me $7000. Let us call it a donation. In this case, I most certainly will instantaneously delete your video footage. You could resume everyday life like this never happened and you will not ever hear back again from me.
You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in Google search engine)
BTC Address: [The scammer puts their BTC address here]
[CASE SENSITIVE, copy and paste it]
If you may be looking at going to the police, good, this email message cannot be traced back to me. I have dealt with my moves. I am just not attempting to demand very much, I want to be rewarded. You have one day to pay. I've a unique pixel within this mail, and now I know that you have read this message. If I do not receive the BitCoins, I will certainly send your video to all of your contacts including members of your family, colleagues, etc. Nevertheless, if I do get paid, I will erase the video immediately. This is the nonnegotiable offer, so please don't waste mine time & yours by responding to this e-mail. If you need evidence, reply  Yup & I definitely will send out your video recording to your 9 friends.

Did they hack my webcam? Do they really have a keylifter?

No. They do not have a video of you. Notice how they didn't mention your name or even include a screenshot from any hacked webcam video. This is because they don't have it.

Unsecured webcams, read-receipts in emails, and keylifters are all real things. But hacking webcams, recording damaging video, checking to see if emails have been read, and finding friends to send the video to - well, that takes time and effort.

This email was sent out to thousands - maybe tens of thousands - of people, with a simply copy/paste program to automate the email address and password. How much time and expense would it take to hack everyone's webcam?

Scammers are businessmen. It's easier to just send a blanket email to everyone hoping that 1% of people send the bitcoin than it is to spend all that time hacking, recording, and keylifting one person just to be ignored.

Call it return on investment.

How did they get my password?

They bought a database of passwords from a hacked website like LinkedIn. If the password in the subject line is something you currently use- especially for something important like a bank account- change it now.


This scam is going to trap a lot of people who usually wouldn't take a second glance at scam emails, simply because:

  • Lots of people use the same password for everything
  • It's pretty darn spooky seeing your password in an email
  • Being spooked like that shuts off the part of your brain which would tell you that this is pretty obviously a scam
  • A majority of people look at those kinds of pictures and videos on the internet! Let's face it, nobody cares!!!

1 comment: