How to Fix: Hackers Hacked My Email, Demand Bitcoin (Scam)

Dennis Faas's picture

Infopackets Reader Sam G. writes:

" Dear Dennis,

I get emails from hackers a few times a week saying that they have cracked my email account. As proof, they have supplied me with the correct password for the account. The message goes on to say that they have planted a Trojan on my computer which allows them to spy on me.

Here's where it gets interesting. The hackers say I have been visiting websites of people in the buff. They are demanding I pay them bitcoin (worth $831) to keep this quiet, otherwise they will send images from the purported site I've visited and also a picture of me on my webcam.

The English used in the messages is strange to say the least. I get the same message from other 'hackers', but the bitcoin wallet is different.

What do you think? "

My response:

This is a scam, similar to the Facebook blackmail scam I mentioned a few weeks ago.

Here's how it works:

At some point in the past, you visited a website and created a user account using your email and password. Later, real hackers compromised the site, then downloaded the database of user accounts (including your name, email, and password used on the site). They then used this information to mass email all the people in the database with the same scam message - just like the one you're describing.

In order to legitimize their "masterful hacking techniques" they supply you with your email password. This is icing on the cake and will frighten most people into believing the next line, where they claim to have planted a Trojan on your computer capable of spying on your every move. However, this is nothing but a fabrication. As such, anything the "hackers" say to you in their email is simply a lie, no matter how convincing it may appear!

The fact is: it's not uncommon for regular users to visit raunchy websites of 'people in the buff'. It's also not uncommon that users use the same password on multiple sites. Scammers realize this fact, then play the numbers game by mass emailing all the people in the database with these claims, hoping that someone is frightened enough to hand over their hard earned money.

Even if 1 person out of 3 million possible user accounts pay the ransom, that's still $800 in the scammer's pocket.

Related: How to Fix: Hackers Hacked My Phone, Demand Bitcoin (Scam)

How to Fix: Hackers Hacked My Email, Demand Bitcoin (Scam)

Now that you know how the scam operates, you can safely ignore the message.

Instead, change your passwords on all the sites you visit, making sure they are strong and unique. Never, ever use the same password on more than one site - otherwise hackers (and scammers) can use this information to gain access to other sites, or send you scam emails like the one you mention.

If you use different passwords on all the sites you visit, you severely limit the potential attack vector.

If you are concerned your computer has been hacked, I suggest you hire a professional - like myself - to look over the system. My contact link is here; review my credentials here.

Scam Message from Hackers Claiming to Have Hacked Your Email (and PC)

For the record, here is the scam message that Sam sent me:

" Hello!

I'm a hacker who cracked your email and device a few months ago. You entered a password on one of the sites you visited, and I intercepted it. This is your password from abc[at]example.com on moment of hack: abcPassword. Of course you can will change it, or already changed it. But it doesn't matter, my malware updated it every time.

Do not try to contact me or find me, it is impossible, since I sent you an email from your account. Through your email, I uploaded malicious code to your Operation System. I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources. Also I installed a Trojan on your device and long tome spying for you.

You are not my only victim, I usually lock computers and ask for a ransom. But I was struck by the sites of intimate content that you often visit. I am in shock of your fantasies! I've never seen anything like this!

So, when you had fun on piquant sites (you know what I mean!) I made screenshot with using my program from your camera of yours device. After that, I combined them to the content of the currently viewed site. There will be laughter when I send these photos to your contacts! BUT I'm sure you don't want it. Therefore, I expect payment from you for my silence. I think $831 is an acceptable price for it!

Pay via Bitcoin. My BTC wallet: 1GcwYRfWesiSe2fBmsVSpNG2K11zDMhksG

If you do not know how to do this - enter into Google "how to transfer money to a bitcoin wallet". It is not difficult. After receiving the specified amount, all your data will be immediately destroyed automatically. My virus will also remove itself from your operating system. My Trojan have auto alert, after this email is read, I will be know it!

I give you 2 days (48 hours) to make a payment. If this does not happen - all your contacts will get crazy shots from your dark secret life! And so that you do not obstruct, your device will be blocked (also after 48 hours). Do not be silly! Police or friends won't help you for sure ...

p.s. I can give you advice for the future. Do not enter your passwords on unsafe sites.

I hope for your prudence.

Farewell. "

A few things to note:

  1. The English used throughout the message is atrocious. This is a big tip-off that the message was written (poorly) by someone in a third-world country.
     
  2. Scammers use the fact that they have your email password as "proof" of their hacking abilities, then claim to have uploaded malware to your computer. Nothing could be further from the truth. Your email password has nothing to do with hackers being able to magically connect to your machine, even if you used the same password to login to Windows (for example). Hackers can't gain access to your machine just because they say so. The fact is, they stole your password from another site (which was in fact hacked) and are using this information to legitimize their false claims.
     
  3. Another big tip-off that this is a scam is the fact that the bitcoin wallet changes. This should be a big red flag that the message is simply a template being mass emailed to thousands, hundreds of thousands, or even millions of people.
     
  4. If you are concerned your computer has been hacked, I suggest you hire a professional - like myself - to look over the system. My contact link is here; you can review my credentials here. You can also read this page which explains how to protect yourself from being hacked; here's another article explaining how to protect yourself against ransomware - both articles were written by me. If you're still not sure, consider hiring me to investigate.
     
  5. If you are tired of receiving these scam emails, you will need to sign up for another email account and stop using the old one.

I hope that helps.

Got a Computer Question or Problem? Ask Dennis!

I need more computer questions. If you have a computer question - or even a computer problem that needs fixing - please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.

About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.

Rate this article: 
Average: 5 (7 votes)

Comments

ronangel1's picture

This happened to me a few weeks ago with very simlar message.The first thing I did was to change email account password although it was not the one for the account shown on email.Then checked sent mail in account which there was none. The mail from that account is automaticly forwarded to outlook to an email account which is only used for contacting service provider not for sending mail and no one has it, then deleted.I also have no web cam on main computer and microphone is disconected by switch not software so I knew the email was a try on.I was hoping for a return email to ask them for the videos to be sent to me!( of course there were none.....Grin) )
I checked the headers on email that was supposed to have come from my uk email address but discovered that the IP address was from an account in brazil! So I attached a copy of the email with all headers and sent it to the abuse department of the senders service provider,who will be able to trace back to sending account.Heard nothing from them and email did not bounce.Did not get any more of the messages.

jloew_11500's picture

Over the past month I received several emails similar to the ones you mentioned, which I disregarded for the reasons you described, and because I have no webcam en have nothing to hide. However, today for the first time I received 2 differently worded but similar in content mails with my own mail as their sender address, one mail even showing the last 4 digits of my phone number. Clicking the From exposed my own mail address and phone numbers. What does this mean regarding hacking of my computer, mail, smartphone perhaps?

Dennis Faas's picture

All it means is that your data was extracted from a website that was breached. Data breaches happen all the time, unfortunately - google "world's biggest data breaches" for plenty of examples. It does not mean they have access to your machine or devices for the reasons I already stated in the article.

If you are still concerned that you may have been hacked, I suggest you hire a professional - like myself - to look over the system. My contact link is here; you can review my credentials here. You can also read this page which explains how to protect yourself from being hacked; here's another article explaining how to protect yourself against ransomware - both articles were written by me. If you're still not sure, consider hiring me to investigate.

jloew_11500's picture

Thanks for fast response

rubbersoul53_11521's picture

I received this in my E-mail account this morning. Looks similar

rubbersoul53@msn.com password is xyz

Hi

So I'm a hacker who broke your email as well as device a couple of weeks back. You entered your passcode on one of the sites you visited, and I intercepted this. Here is your password from rubbersoul53@msn.com on time of hack: xyz

Of course you can can change it, or perhaps already changed it. Nonetheless it won't really make a difference, my malware updated it every time. Do not really try to make contact with me or even find me, it is impossible, since I sent you email from your account.

Via your e-mail, I uploaded harmful computer code to your Operation System. I saved all of your current contacts together with friends, co-workers, relatives along with a complete record of visits to the World-wide-web resources.

Additionally I installed a Trojan on your device. You are not my only victim, I usually lock pcs and ask for a ransom.

Nonetheless I was hit through the internet sites of romantic content that you generally stop by. I am in great shock of your current fantasies! I've certainly not seen anything at all like this! Consequently, when you had enjoyment on piquant web-sites (you know what I am talking about!) I made screenshot with utilizing my program through your camera of yours device.

After that, I put together them to the content of the currently viewed web site. Now there will be laughter when I send these photos to your associates!

However I know you don't want it. For that reason, I expect to have payment from you with regard to my quiet. I believe $900 is an adequate cost regarding it! Pay with Bitcoins. My BTC wallet address: 1BCTXkDJtjJTYmXZBPR1qctWme3NxM7zWS

In case you do not understand how to do this - enter into Google 'how to transfer money to a bitcoin wallet'. It isn't difficult.

Following getting the given amount, all your data will be immediately destroyed automatically. My virus will ad ditionally clear away itself through your computer. My Trojan have auto alert, so I know when this e-mail is opened. I give you two days (48 hours) in order to make the payment.

In case this does not happen - just about all your connections will certainly get mad pictures from your dark secret life and your device will be blocked as well after 48 hours. Don't end up being silly! Police or pals won't aid you for sure ...

p.s I can present you with advice for the future. Do not type in your passwords on risky internet sites.

I wish for your discretion.

Hasta la vista.

I would be pretty sure there is no trojan on my computer as I use McAfee. It's also possible the trojan could have been on my old computer though it seems this clown probably would have gotten this in 2016 according to the Have I been pawned site. Someone did try to hack into my Facebook page last year, but I just changed my E-mail address there hoping that won't happen again.

I guess I'm more concerned what he means by blocking my device. Does he mean making my computer unusable or does he mean blocking my sites such as Facebook. I doubt he has any photos because I haven't seen my webcam flashing. Anyhow, Thought I'd add to the discussion.

Dennis Faas's picture

What you posted is word for word almost identical to the other email. It is not necessary to post the email notices here - in case anyone else is interested in doing the same.

This is nothing but a template used by scammers, plus information extracted from a database (your password). Do not bother to contemplate what is being said (threats or otherwise) because it's all a lie. Change your passwords on all the sites you visit as I've already suggested in the article and you should be fine.

If you are still concerned that you may have been hacked, I suggest you hire a professional - like myself - to look over the system. My contact link is here; you can review my credentials here. You can also read this page which explains how to protect yourself from being hacked; here's another article explaining how to protect yourself against ransomware - both articles were written by me. If you're still not sure, consider hiring me to investigate.

Please note: I will not be posting any more updates on this or replying to any more questions on the subject, no matter how "scary" or "unique" the emails may seem. They are all the same for reasons I have already pointed out in the article. If it is still not clear, please take a few minutes to re-read the article.