I just got an email from someone showing me one of my passwords and saying that they have been inside my computer for months. They are demanding money or they said they will expose my activities to my contacts. Is this for real?
This question was answered on April 30, 2020. Much of the information contained herein may have changed since posting.
As expected during the lockdown, scammers are stepping up their efforts knowing that so many people are sitting at home, bored, or spending much more time online.
This attempt to extort money based on embarrassing video footage they have of you is what we call a ‘sextortion scam’. We’ve seen this in the past, but they are changing up some of their tactics.
They are attempting to scare you with something that they hope is so bad that you’ll be afraid to tell anyone about it or ask for help.
To add to the ‘credibility’ of their ‘hacking skills’, they include a password that they know that you are currently using or have used in the past.
The Sex Angle
They’ll often claim that the malware they snuck into your computer alerted them when you visited a pornographic website, which trigged the camera and screen capture of your computer.
They'll claim that their malware will randomly select people associated with you, ranging from friends and co-workers to your boss or mother that will be sent your embarrassing video footage if you don’t pay.
Obviously, if you don’t visit pornographic websites, this should be the first clue that they are ‘fishing’ for those that do.
The Stolen Password
More convincing for most is when they see an actual password that they use or have used in the past in the message.
It’s not hard to jump to conclusions that they may have snuck into your computer, but that’s not how they got your password.
There have been so many data breaches of so many companies that virtually any password that you’ve used in the past couple of years has been exposed.
This breached data can get posted on various Internet ‘dump’ sites or is often for sale in huge quantities on the Dark Web.
The compromised data generally includes email addresses and associated passwords, which is what makes this scam dead simple to pull off.
Scammers know that most people use the same password on many different accounts, so they’re playing the odds that you are still using the password they have from the breached information.
If you want to see which of your accounts have been compromised, I provided specific online tools that are safe to use in my column last year: https://bit.ly/3d28rEY
What Should You Do?
The first thing you should do is delete the message and don’t worry about any of the claims they made in the message. If you are still using the password they included, stop using it immediately.
Make sure you are using a unique password for each of your accounts, especially on your email account, as that’s the gateway to all of your accounts through password reset requests.
If there are passwords that you have been using for years, it’s a good idea to change them and make them as long as you can.
Stolen passwords are a real problem, so it’s critical that you turn on 2-factor authentication for all of your accounts to protect you when it does happen. For specific instructions by website, visit https://twofactorauth.org
Opens in new window
About the author
Ken Colburn of Data Doctors on April 30, 2020