E-Mail Password Threat
Hi all. I finally received that dreaded Email wanting $912 or they will shut me down. It shows one of my Passwords correctly. What can I do about it?
Forum Discussion
austinjenna wrote:
Also setup 2 factor authentication
This is a good idea if it's offered on the site. I use a password manager(Lastpass) which is really convenient. Youtube was a big help in learning the details of how to use Lastpass. If your still inputting each password individually, make it as long as possible(12 digits) with a mix of upper case, lower case, numbers, and special characters. Another possible way to get your password is brute force. Top tier brute force computers can guess 350 billion guesses per second, but most don't have that power.- I got a scary message along with voice on my computer screen recently. It completely froze my computer and I couldn't access task manager to disable it the bug. I had to perform a hard shutdown. Upon restart, everything was normal. I ran my Malwarebytes program but didn't locate any bugs. Neither did Windows defender. I suspect it may have been attempted ransomware.
- Also setup 2 factor authentication
- Here is the one I get a couple of times a day from
Aaron686Smith@yahoo.jp
Hello,
I am a spyware software developer. Your account has been hacked by me in the summer of 2018.
I understand that it is hard to believe, but here is my evidence (I sent you this email from your account).
The hacking was carried out using a hardware vulnerability through which you went online (Cisco router, vulnerability CVE-2018-0296).
I went around the security system in the router, installed an exploit there. When you went online, my exploit downloaded my malicious code (rootkit) to your device. This is driver software, I constantly updated it, so your antivirus is silent all time.
Since then I have been following you (I can connect to your device via the VNC protocol). That is, I can see absolutely everything that you do, view and download your files and any data to yourself. I also have access to the camera on your device, and I periodically take photos and videos with you.
At the moment, I have harvested a solid dirt... on you... I saved all your email and chats from your messangers. I also saved the entire history of the sites you visit.
I note that it is useless to change the passwords. My malware update passwords from your accounts every times.
I know what you like hard funs (adult sites). Oh, yes .. I'm know your secret life, which you are hiding from everyone. Oh my God, what are your like... I saw THIS ... Oh, you dirty naughty person ... :)
I took photos and videos of your most passionate funs with adult content, and synchronized them in real time with the image of your camera. Believe it turned out very high quality!
So, to the business! I'm sure you don't want to show these files and visiting history to all your contacts.
Transfer $968 to my Bitcoin cryptocurrency wallet: 1971pHPgLaTmuYtoH4BsGSfFMZaAjotium Just copy and paste the wallet number when transferring. If you do not know how to do this - ask Google.
My system automatically recognizes the translation. As soon as the specified amount is received, all your data will be destroyed from my server, and the rootkit will be automatically removed from your system. Do not worry, I really will delete everything, since I am 'working' with many people who have fallen into your position. You will only have to inform your provider about the vulnerabilities in the router so that other hackers will not use it.
Since opening this letter you have 48 hours. If funds not will be received, after the specified time has elapsed, the disk of your device will be formatted, and from my server will automatically send email and sms to all your contacts with compromising material.
I advise you to remain prudent and not engage in nonsense (all files on my server).
Good luck!
I just send them to the junk folder I know it is spam as the email he sends it to is on a server I don't control and is just forwarded to me at a different email address. Notice the from email is from Japan MDKMDK wrote:
Keep your MS system software up to date, and the chances are greatly reduced.
I really have a good laugh when I get emails saying that my Microsoft software has been compromised - I'm running a linux OS, not Microsoft!bighatnohorse wrote:
You might want to encode an identifier in your password for each password that you use.
If someone displays your password, you will know where (which site) it came from.
This is one of the smartest suggestions I've heard concerning passwords. Since we use the same password on some sites that don't have financial or personal information, we could end the password with the site name e.g. ***********RVNET. Make a lot of since to me.- I have one email/password that I use for all internet sites that don't have personal data (when I have to enter data such as address/birth date, etc, I just lie although I do use the same lie for all the sites). I never check that email and I empty the spam from that email occasionally. For sites such as my banking site, insurance, etc, I use an different email and use a unique password for each site. I get virtually no spam on this email. I have another email that use for correspondence with friends/family. I also get virtually no spam on this one either.
jolooote wrote:
Exactly what worries me. How DID they know one of my Passwords???
Lets start with the basics, what type of site(s) are associated with that password? Are you talking about an investment bank which gives access to all your personal and account information? Or, are you talking some site where you signed up to get a discount coupon for tube socks? Now if it was a unique password only use at one site you know where the problem starts, but if you keep using the same password across multiple sites, you may not be able to know where to start.1492 wrote:
Yeah, it never occurred to me that one would need an identifier for a password. I don't have any sites that have the same password, and only a couple share the same user ID. Locating which site would be relatively easy. Of course with nearly 300 passwords, it could take some time. :) All different, and most are 8-12 characters, mix of letters(upper and lower case), numbers, and special characters where allowed. Roboform does all the heavy lifting so I only have to remember the master password.bighatnohorse wrote:
You might want to encode an identifier in your password for each password that you use.
If someone displays your password, you will know where (which site) it came from.
You should not use the same password for multiple sites. Each of mine is unique to a site. It would be fairly easy to discover on which site the breach occurred.bighatnohorse wrote:
You might want to encode an identifier in your password for each password that you use.
If someone displays your password, you will know where (which site) it came from.
You should not use the same password for multiple sites. Each of mine is unique to a site. It would be fairly easy to discover on which site the breach occurred.
