New sextortion phishing scam uses target's harvested password

A new twist on an old email scam making the rounds addresses its recipients by name and uses an actual password (hopefully deprecated). They attempt to blackmail victims, and it's…

A new twist on an old email scam making the rounds addresses its recipients by name and uses an actual password (hopefully deprecated). They attempt to blackmail victims, and it's definitely a little anxiety-inducing to see an old password written out.

Here's what one of mine said:

I am well aware [deprecated password] is your pass. Lets get right to purpose. Nobody has compensated me to check you. You may not know me and you're probably wondering why you are getting this email?

actually, I actually placed a malware on the X vids (pornographic material) web-site and you know what, you visited this site to have fun (you know what I mean). While you were viewing videos, your internet browser started operating as a RDP that has a key logger which gave me accessibility to your screen as well as webcam. Just after that, my software collected your entire contacts from your Messenger, FB, as well as e-mail . And then I created a video. First part shows the video you were viewing (you have a fine taste ; )), and second part displays the recording of your cam, yea its u.

You have two possibilities. We should go through each one of these choices in particulars:

1st solution is to just ignore this email. In that case, I am going to send your actual tape to almost all of your contacts and then visualize concerning the embarrassment you will definitely get. Moreover in case you are in a committed relationship, just how it will certainly affect?

Second alternative would be to give me $7000. Lets regard it as a donation. In this scenario, I will right away eliminate your videotape. You can continue your daily routine like this never took place and you are never going to hear back again from me.

You will make the payment via Bitcoin (if you do not know this, search "how to buy bitcoin" in Google search engine).

BTC Address: [address removed]
[CASE-SENSITIVE, copy and paste it]

If you may be planning on going to the law enforcement, look, this e-mail can not be traced back to me. I have taken care of my moves. I am just not looking to ask you for a lot, I would like to be paid for. You have one day to pay. I have a specific pixel in this e mail, and at this moment I know that you have read through this email message. If I don't get the BitCoins, I definitely will send your video to all of your contacts including relatives, co-workers, and so on. Having said that, if I do get paid, I will erase the video right away. It's a nonnegotiable offer, that being said do not waste my personal time and yours by replying to this message. If you really want evidence, reply Yup & I will certainly send your video recording to your 6 friends.

You might want to check in with friends and relatives who are not tech-savvy to make sure they aren't taken in.

Sextortion Scam Uses Recipient’s Hacked Passwords (Krebs on Secutiry)

Image: Vijay Putra