What’s the scam?
The scam is a simple social engineering scam to scare you into paying someone in the form of Bitcoin.
This particular scam is stating people have been recorded watching porn on their computers. Some of the emails even suggest that they have also recorded you via your webcam watching it.
So, this might not sound too bad and you could just delete it. But to really scare you the scammers include your password! This password will more than likely be genuine too, increasing the scare factor.
Why do they want payment in Bitcoin?
Usually if you pay for something on the Internet, you use a credit or debit card. That card is connected to information about you, such as your name and billing address.
You can use bitcoin the same way, but unlike a credit card, the transactions you make using the currency are completely anonymous. They can’t be used to identify you personally. Instead, whenever you trade in bitcoin, you use a so-called private key associated with your wallet to generate a bit of code called an address. The address is then publicly associated with your transaction but with no personal identifying information.
How did they get my password?
The honest answer is “no one can say for sure”. What we can say is that the data is likely due to one of the many data breaches that happen throughout the years.
Hopefully the company that was breached have already informed you about the breach and advised you on what was taken. unfortunately, we know this does not always happen or the information was not clear enough.
You check if your data has been part of a breach, visit website https://haveibeenpwned.com. The library found here allows you to check your email address and passwords to see if they have been “pwned” or not. If you find any of your data on haveibeenpwned it is important take any required steps to protect yourself.
What should I do about it?
We have broken down the different parts of the scam so you focus with ease on what to do.
With the email, never reply to it!
If this is your work email address, and you have email filtering and protection from Strobe IT please raise a support ticket where we will advise you on what to do including the deletion of it.
If this is a personal email account or a non Strobe IT protected platform, please report this as spam to them if possible and delete as necessary.
Depending if the password is still used by a service, website or other system will determine what you need to do here. Passwords that are no longer used can be ignored, but if the password is used anywhere change it immediately!
Below is a list of additional steps and items to do, making sure you are safe.
- DO NOT pay the scammer.
- Change the password as described on all platforms it was used on.
- DO NOT use this password EVER again.
- Make sure your anti-virus is up-to-date. [Done by Strobe IT for all maintenance clients]
- Make sure your operating system (eg, Microsoft Windows) is up-to-date. [Done by Strobe IT for all maintenance clients]
- If you can enable and use Two-Factor Authentication (2FA).
- If you wish you can report this phising attempt to Action Fraud.
What if I have paid?
If you have received one of these email and paid the fine, report it to your local police force. Once reported, if you are a maintenance client please raise a support ticket with Strobe IT so we are aware and can aid the police where needed.