A hacker sent you a troubling email with your password. Don’t panic, I have your back.
It’s alarmingly personal and disturbing to receive an email from someone claiming to have compromised your computer. They also claim to have the password. Take a deep breath. It’s not all bad. Here’s what to do next.
You’ve received an email with your password from a hacker.
My inbox is filled with emails from people who believe their phone has been hacked, and those who suspect that a hacker has sent them their password. The emails they are referring to seem to include “Day of Hack” as the subject and a password that the recipient has used.
It is not surprising that more women than men have contacted me for assistance, given the fact that the email sender, the alleged hacker, claims to have a compromising video of them because he can control their webcams and computers. We are referring to sextortion, which is a very nasty way of trying to extort Bitcoin from victims. It is also one that is not likely to go away anytime soon. These scams appear to have increased in popularity during the pandemic. Perhaps they are trying to take advantage of the anxiety that has been experienced by so many.
The Day of Hack sextortion threat
Although sextortion schemes evolve over time and details may change, the Day of Hack script is now a permanent fixture. It takes its name from the broken-English subject line, which reads: “I know [your passphrase] is one of your passwords on day of hack.” To grab attention and create fear in the recipient, the subject line cleverly includes the password. Whether you received a Day of Hack email or another variation, the process of dealing with it is the same. Let me get to that in a minute. But first, let’s examine how the hacker got your password.
Does this hacker really know my password?
It’s obvious that they do, as it is displayed in the Day of Hack subject line. But it is a bit more complicated than that, and it doesn’t necessarily mean that they have full control over your computer, webcam, or email. How is that possible? First, you need to know which password they have. If you reuse only a few passwords across different websites and services, there is a good chance that your password was stolen in a data breach. It is likely that the breach was already reported to you and that you were prompted to change your password wherever you use it. Reusing passwords is an unfortunate practice that is all too common and must be changed. If you recognize the password but don’t know where it was exposed, you can use the free Have I Been Pwned database. This will show you where passwords that are associated with your email address were compromised or exposed. These breach databases can be traded online and on cybercrime forums. Sextortion fraudsters also make use of them. Panic is the knee-jerk reaction that scammers hope for: it makes you believe that they have control and you don’t, so they get the money they want. It is important to take a deep breath, look away from the screen, and engage your logical mind in analyzing what is being said.
Could this hacker have control of my webcam, email and computer?
Yes, they could. However, the odds of this happening are very slim. So slim that you can dismiss the possibility if they send you a Day of Hack message. Think about this: if the hacker has access to your computer, why would they email you? Cybercriminals can easily and inexpensively obtain ransomware. That is much more likely to get them a payment than claiming that they filmed someone masturbating to online porn. If they did get compromising video, why didn’t they include a small clip as evidence? That would surely be the best way to ensure payment. I was told by a victim of this shameful fraud campaign that the sender of the email had stated that they would send eight videos to her contacts if she needed proof. This was designed to incite fear, but it makes no logical sense. They could have just sent it to her instead. They don’t have the video; empty threats are all they do have.
What should I do?
Be calm and ignore the “elite hacker”, who is simply sending you a scripted email threat. How can I tell it is scripted? Over the past year, hundreds of concerned individuals have sent me copies of the threatening email. Only one thing changes between threats: the password. This could be due to the rapid rise in Bitcoin exchange rates. The criminal behind the email knows that most people won’t respond to a $10,000 demand (£7,150), and will be more inclined to ignore the email or report the crime to the police. They instead calculate that $1,000 (£715) would be the best amount to be paid.
These are some excerpts from the script that you might be familiar with:
“When you first started viewing videos, your browser was a RDP with a keylogger that provided me access to your display screen and webcam.”
“My malware accessed every contact from your Messenger, Facebook, and email accounts.”
“I placed malware on an adult porn site and you know what? You visited this site to have fun!”
“If I don’t receive the bitcoin, I will definitely send your video recording out to all of my contacts, including friends, family, coworkers, etc.”
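Because the script is fixed and only the password changes, a mail filter or helpdesk triage tool can recognise it mechanically. The following Python is an added example, not part of the original article: it flags a message that matches the quoted subject template or at least two of the quoted script fragments, and redacts the password before the subject is logged. The function names, the two-fragment threshold and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy

# Subject template quoted in the article; only the password varies.
SUBJECT_RE = re.compile(
    r"I know\s+(?P<pw>.+?)\s+is one of your passwords? on day of hack",
    re.IGNORECASE,
)
# Distinctive fragments of the script excerpts quoted in the article.
SCRIPT_PHRASES = (
    "rdp with a keylogger",
    "my malware accessed every contact",
    "placed malware on an adult porn site",
    "if i don't receive the bitcoin",
)

def normalize(text):
    """Lowercase, straighten curly apostrophes, collapse wrapped lines."""
    return " ".join(text.replace("\u2019", "'").lower().split())

def classify(raw_message):
    """Return a triage verdict for one RFC 5322 message given as a string."""
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg["Subject"] or "")
    part = msg.get_body(preferencelist=("plain", "html"))
    body = normalize(part.get_content()) if part is not None else ""
    hits = [p for p in SCRIPT_PHRASES if p in body]
    m = SUBJECT_RE.search(subject)
    if m:
        # Keep the leaked password out of tickets and log pipelines.
        subject = subject[:m.start("pw")] + "[REDACTED]" + subject[m.end("pw"):]
    return {
        "scripted": bool(m) or len(hits) >= 2,  # threshold is an assumption
        "subject_match": bool(m),
        "phrases": hits,
        "subject": subject,
    }

# Constructed sample message (not a real email); addresses use .invalid.
SAMPLE = """\
From: sender@example.invalid
To: recipient@example.invalid
Subject: I know hunter2-sample is one of your passwords on day of hack

I placed malware on an adult porn site and you know what?
You visited this site to have fun! If I don't receive the
bitcoin, I will definitely send your video recording out.
"""

if __name__ == "__main__":
    print(classify(SAMPLE))
```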
What you should do can be summarized in three steps
1. Change your account password if you have not done so. Change all passwords if you have more than one. This is easy with a password manager. It will create stronger passwords that are easier to remember and make it much simpler to log in to an account.
2. Look at the security section of your account to see whether two-factor authentication (2FA) is available. Use it if it is. This can be done most commonly by means of a unique numerical code that is securely transmitted to a smartphone application. Authy and Google Authenticator are two of the most popular and highly recommended. If the only 2FA option you have is a code sent via SMS (text message), opting in is still recommended. Although it’s not as secure and reliable as authenticator apps, it is still a lot more secure than not having any 2FA.
3. Notify the authorities. You can easily report it to the Federal Trade Commission (FTC). In the U.K., you can forward the email to firstname.lastname@example.org, and there’s more information about this from the National Cyber Security Centre (NCSC) here.