A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer’s webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends.
BleepingComputer has been reporting on these scams since the summer of 2018 when they started to be sent by scammers.
While many would disregard these emails, some have been so concerned that a video would leak that they sent payments to the scammers. In the first week that these extortion emails began to be sent out, concerned recipients sent over $50,000 in bitcoin to the attackers.
Since then, threat actors have created different types of email extortion scams including one that pretends to be hitman contracts, bomb threats, CIA investigations, threats of installing ransomware, and just recently, threats to infect your family with the Coronavirus.
Today’s campaign revisits old campaign
In today’s email extortion campaign, the attackers have gone back to basics and have started emailing people stating that their computers were hacked, a video was taken using their webcam, and that they know their passwords.
The listed passwords are in many cases actual passwords used by the recipient in the past, but the attacker does not know them by hacking your account, but rather through leaked data breaches shared online.
Due to today’s campaign, BleepingComputer began to receive numerous emails from recipients where they shared samples of the extortion emails being sent.
These emails are very similar to our original article regarding these scams and below you can see one of the extortion emails that was sent to us today from a reader.
The text of these emails can be read below.
I know, xxx, is your password. You don't know me and you're thinking why you received this e mail, right? Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account. What exactly did I do? I made a split-screen video. First part recorded the video you were viewing (you've got a fine taste haha), and next part recorded your webcam (Yep! It's you doing nasty things!). What should you do? Well, I believe, $1900 is a fair price for our little secret. You'll make the payment via Bitcoin to the below address (if you don't know this, search "how to buy bitcoin" in Google). BTC Address: bc1qzl2qlywq8fzfm49e7mvsuz4yvpdwpzfqs5g85r (It is cAsE sensitive, so copy and paste it) Important: You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don't get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with "Yes!" and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don't waste my time and yours by replying to this email.
Some of the bitcoin addresses shared with BleepingComputer from this campaign include:
bc1q3h9lq7z4uke8q8uslx5rlr2xq0xgnu37zt8ywn bc1qzl2qlywq8fzfm49e7mvsuz4yvpdwpzfqs5g85r bc1qflasaggvrat2kavt5ygy043k9p5rjwr9kkql03 bc1qzl2qlywq8fzfm49e7mvsuz4yvpdwpzfqs5g85r bc1qpq0ptyh6cwzksu0mkmg4t5xkhvp9q4vfgh4gyq bc1qehk8rsppsqtwh7hvmmgdz4rnkydtdsx8pqdwjw
Everyone needs to know that these emails are fake, scams, and nothing to worry about.
As scary as they may seem, especially if they are including passwords you currently use or have used in the past, recipients should not send any payments to the scammers.
Simply read the email, get a quick chuckle out of it, junk it, and carry on with your day!