301-571-5040    Get SUPPORT

Washington Works Blog

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

Want to Keep Your “Personal” Browsing a Secret? Scam Says: Pay Up!

A new email scam is making its rounds and it has a lot of people concerned with just how much a hacker can peer into one’s private life. How would you react if a stranger emailed you saying they had inappropriate webcam footage of you?

This Scam is a Dirty Trick
This is going to be a taboo subject for many, but it’s a real scam that is quickly getting passed around to users and to some, the risk is so high they might be willing to fall for it. Essentially, an email comes in stating that a hacker got access to your passwords (likely pulled from a list on the dark web from any one of the dozens of web services and businesses that have been hacked over the years). They show off the password to you as proof, right in the email, and mention they have incriminating webcam footage of you, and they’ll share it to your contacts if you don’t pay up.

How It Works
The target of this scam will open their email to find a message that opens by identifying an actual password of the targeted user. The rest of the email reads as one would expect an email of this nature to:

“You don’t know me and you’re thinking why you received this email, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).”

The email then provides an address for the recipient to send their Bitcoin to, with the recommendation to copy-paste the case-sensitive alphanumeric sequence. The email ends with a warning:


You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately [sic]. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.”

This is not the only version of the email that is out there, but they all follow the same thread and end with the same threat - pay up, or everyone will see what you do behind closed doors.

Is This For Real?
For many people, this is a fair question - and fortunately for many, no, the threats are not legitimate. First of all, the passwords that these attacks are citing are often 10 years old, which means that the criminals likely got their information from an outdated database from some hack from a decade ago.

However, that doesn’t mean that this threat hasn’t been comfortably effective. As of July 19th, a mere 42 Bitcoin addresses had net over $50,000 from 30 victims. While these returns certainly aren’t breaking any records, they are enough to encourage more cybercriminals to leverage similar attacks.

How to Protect Yourself from the Real Deal
Even if this particular threat is little more than an underhanded bluff, that doesn’t mean a legitimate password scam isn’t still well within the realm of possibility. Therefore, the security lessons that can be learned from this particular trend are still extremely applicable.

First and foremost, passwords are like the underwear this probably automated scam claims to have seen its users potentially without - they need to be changed regularly. The fact that 30 people were willing to pay a combined $50,000 tells us two things: they had something they wanted to hide, and they hadn’t changed their passwords in years. Changing your passwords on a regular basis, without repeating them, means that you are safe if one of your past passwords is hacked. After all, the old key to a door won’t work anymore of you’ve changed the lock.

Secondly, and more personally, make sure your webcam is covered up while you aren’t actively using it.

For more best practices, including ones to help preserve your security, keep reading our blog. Reach out to us at 301-571-5040 to ask about the solutions we can provide to keep messages like these out of your business in the first place.

Security Threats and Defensive Measures You Can Ta...
How Technology Could Change the Classroom


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, February 18 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Malware Productivity Hackers Email Software Network Security Business Tech Term Hosted Solutions Internet Computer Data Data Backup Mobile Devices Google Data Recovery Efficiency Managed IT Services Ransomware Backup User Tips IT Support Microsoft Cloud Computing Innovation Hardware Small Business Outsourced IT Productivity Managed Service Provider Business Management IT Services Smartphone Paperless Office Business Continuity Workplace Tips Encryption Office 365 Collaboration Android Social Media Windows 10 Managed IT Services Communication Data Management Windows 10 Save Money Browser Remote Monitoring Smartphones Phishing Server Disaster Recovery Bandwidth Government Holiday Employer-Employee Relationship Vulnerability Work/Life Balance BDR IT Management Facebook VoIP Wi-Fi Internet of Things Unified Threat Management Document Management Passwords Communications Apps Artificial Intelligence App Cybersecurity Information Infrastructure Tip of the week Upgrade BYOD Scam Healthcare Antivirus Applications Politics Money Chromebook Virtual Reality Two-factor Authentication Automation File Sharing Quick Tips Maintenance Risk Management Compliance How To Blockchain Word SaaS Network Windows Chrome Customer Relationship Management Mobile Device Big Data Hosted Solution Managed Service Office Password Saving Money Vendor Management Wireless Professional Services Private Cloud Computer Care Remote Computing Firewall Taxes Downtime Data loss Mobile Device Management Smart Technology Management Tablet Training How To Router Websites VPN Data Security Server Management Alert Tech Support Meetings Business Technology Botnet Gmail Bring Your Own Device Virtual Private Network Health Hacker Regulations Remote Monitoring and Management Microsoft Office IoT Automobile Samsung Storage Employees Remote Workers Machine Learning Physical Security Twitter Electronic Medical Records Computing Company Culture Identity Theft Website Point of Sale Robot Access Control HIPAA Telephone Systems G Suite Patch Management Recovery Mobile Security Social Microsoft Excel Screen Reader Monitoring Disaster Heating/Cooling IT Solutions Spam SharePoint High-Speed Internet Finance Motion Sickness Sports Asset Tracking Tech Terms Time Management Virtualization Cooperation Enterprise Content Management Bookmarks IT Budget Computer Repair Notes Networking Hotspot Assessment Cyberattacks Office Tips Tracking Procurement MSP Human Error Web Server Search Smart Tech USB Consulting Error Uninterrupted Power Supply Servers Upgrades Processors Downloads IT Technicians Development Authentication OneNote Theft IT Consultant Network Management Unified Threat Management Staff Unified Communications Favorites Digital Payment YouTube PowerPoint Distributed Denial of Service Cameras Augmented Reality Language Internet Exlporer Enterprise Resource Planning Files Managed IT Security Cameras Comparison Proactive Permission Connectivity Dongle Managed Services Provider Staffing Multi-Factor Security Mirgation Cables Authorization Analytics Managed IT Service Modem Employee-Employer Relationship IT Support Touchscreen Cortana Black Market IBM User Error Project Management Cybercrime Settings Virtual Assistant Law Enforcement CCTV Google Drive Emoji The Internet of Things Computing Infrastructure Value Mobile Read Only Administrator Corporate Profile Outlook Crowdsourcing Printing Specifications Test Permissions Service Level Agreement E-Commerce Solid State Drive Statistics Gadgets Budget Google Calendar Wires Webcam Lenovo Software as a Service Break Fix Cookies Education Cabling Printer Wearable Technology Vulnerabilities Conferencing Digital Mail Merge RMM Gadget VoIP Techology Alerts WannaCry Shortcut Personal Information Remote Worker Black Friday Social Networking WPA3 Update Fraud Star Wars Utility Computing Features WiFi Hard Disk Drive Bluetooth Users Legislation Chatbots Zero-Day Threat Firefox Superfish Wasting Time Dark Web Nanotechnology Relocation Cleaning Customer Service Geography Instant Messaging Travel Spyware Address Legal Fleet Tracking Operating System Avoiding Downtime Licensing Managing Stress Help Desk Supercomputer Monitors ROI Cyber Monday Motherboard Cost Management Electronic Health Records GPS Notifications Financial Mouse Identity Backup and Disaster Recovery CrashOverride Hard Drives Public Speaking Presentation Emergency Lithium-ion battery Wireless Technology 5G Safety Marketing Competition Hiring/Firing Printers IP Address Fun Miscellaneous Mobile Office Domains Regulation