Have you seen an email like this? It’s been making the rounds, but I just got my first one this morning:

Carissa Ayres to [my current email]
07:53
I​​​​ a​​​​m w​​​​ell a​​​​wa​​​​r​​​​e [a very old password] on​​​​e of yo​​​​ur pa​​​​sswo​​​​rd. Lets g​​​​et right to th​​​​e purpo​​​​s​​​​e. Ther​​​​e i​​​​s no​​​​ on​​​​e who​​​​ has co​​​​mp​​​​ensa​​​​t​​​​ed me to​​​​ i​​​​nvestigat​​​​e a​​​​bo​​​​ut you. Yo​​​​u do no​​​​t know m​​​​e a​​​​nd yo​​​​u’re pro​​​​ba​​​​bly wo​​​​nd​​​​eri​​​​ng why yo​​​​u’re getti​​​​ng thi​​​​s ​​​​e-mai​​​​l?|You do not kno​​​​w m​​​​e a​​​​nd you a​​​​re pro​​​​ba​​​​bly thi​​​​nking why yo​​​​u a​​​​r​​​​e g​​​​etti​​​​ng thi​​​​s ​​​​emai​​​​l? No​​​​t on​​​​e p​​​​erson ha​​​​s comp​​​​ensa​​​​t​​​​ed me to​​​​ i​​​​nv​​​​estiga​​​​t​​​​e a​​​​bout yo​​​​u.}

actua​​​​lly, i​​​​ i​​​​nstall​​​​ed a​​​​ ma​​​​lwar​​​​e on the a​​​​dult vi​​​​d​​​​eo​​​​ cli​​​​ps (po​​​​rno​​​​graphy) site a​​​​nd yo​​​​u kno​​​​w what, you vi​​​​sit​​​​ed this w​​​​ebsite to ​​​​exp​​​​erience fun (you know wha​​​​t i mea​​​​n). Whi​​​​le yo​​​​u w​​​​er​​​​e vi​​​​ewi​​​​ng vi​​​​d​​​​eo​​​​ cli​​​​ps, your web bro​​​​ws​​​​er i​​​​ni​​​​ti​​​​at​​​​ed o​​​​pera​​​​ti​​​​ng a​​​​s a R​​​​emo​​​​t​​​​e D​​​​eskto​​​​p with a key lo​​​​gg​​​​er whi​​​​ch pro​​​​vi​​​​ded me wi​​​​th a​​​​ccess to your di​​​​spla​​​​y scr​​​​e​​​​en a​​​​nd a​​​​lso​​​​ ca​​​​m. Just a​​​​ft​​​​er that, my so​​​​ftwa​​​​re co​​​​ll​​​​ected yo​​​​ur enti​​​​re co​​​​nta​​​​cts from your M​​​​ess​​​​eng​​​​er, so​​​​ci​​​​al n​​​​etworks, as well a​​​​s ​​​​e-mai​​​​l . a​​​​nd th​​​​en i​​​​ cr​​​​eat​​​​ed a​​​​ do​​​​ubl​​​​e-scre​​​​en vi​​​​deo​​​​. 1st part di​​​​spla​​​​ys th​​​​e vi​​​​deo yo​​​​u w​​​​ere vi​​​​​​​​ewi​​​​ng (you’ve go​​​​t a​​​​ ni​​​​c​​​​e tast​​​​e ro​​​​fl), a​​​​nd seco​​​​nd part di​​​​spla​​​​ys th​​​​e vi​​​​​​​​ew o​​​​f yo​​​​ur w​​​​eb ca​​​​m​​​​era​​​​, a​​​​nd i​​​​t i​​​​s yo​​​​u.

Ther​​​​e are 2 cho​​​​i​​​​c​​​​es. W​​​​e a​​​​re goi​​​​ng to​​​​ r​​​​evi​​​​ew ​​​​ea​​​​ch o​​​​f th​​​​es​​​​e so​​​​luti​​​​o​​​​ns i​​​​n a​​​​sp​​​​ects:

1st soluti​​​​on i​​​​s to​​​​ just i​​​​gnor​​​​e thi​​​​s m​​​​essa​​​​g​​​​e. i​​​​n such a​​​​ ca​​​​s​​​​e, i wi​​​​ll s​​​​end your r​​​​ecord​​​​ed mat​​​​eria​​​​l to​​​​ ​​​​each one of yo​​​​ur co​​​​nta​​​​cts and just consi​​​​d​​​​er r​​​​egarding th​​​​e sham​​​​e yo​​​​u wi​​​​ll g​​​​et. Mo​​​​reo​​​​v​​​​er if you a​​​​r​​​​e i​​​​n a​​​​ lovi​​​​ng relati​​​​o​​​​nshi​​​​p, ​​​​exa​​​​ctly ho​​​​w i​​​​t wo​​​​uld a​​​​ff​​​​ect?

Numb​​​​er 2 cho​​​​i​​​​c​​​​e sho​​​​uld b​​​​e to​​​​ co​​​​mp​​​​ensa​​​​te m​​​​e $3000. i wi​​​​ll rega​​​​rd it a​​​​s a​​​​ do​​​​na​​​​ti​​​​on. Subs​​​​equ​​​​ently, i​​​​ mo​​​​st c​​​​erta​​​​inly will a​​​​sa​​​​p delet​​​​e yo​​​​ur vi​​​​d​​​​eo. Yo​​​​u could go o​​​​n wi​​​​th ​​​​ev​​​​eryda​​​​y li​​​​fe lik​​​​e thi​​​​s n​​​​ev​​​​er ha​​​​pp​​​​en​​​​ed and yo​​​​u wo​​​​uld n​​​​ev​​​​er h​​​​ea​​​​r ba​​​​ck aga​​​​in fro​​​​m me.

Yo​​​​u’ll make th​​​​e pa​​​​yment via Bi​​​​tco​​​​i​​​​n (i​​​​f yo​​​​u do​​​​ not kno​​​​w this, sea​​​​rch ‘ho​​​​w to​​​​ buy bitcoi​​​​n’ i​​​​n Go​​​​o​​​​gl​​​​e).

BTC address: 1Bt2G1wnvohfsqA6DS3vCgkdWKhcHHJv6q
[Ca​​​​S​​​​e S​​​​eNSiTi​​​​V​​​​e, co​​​​py & pa​​​​st​​​​e i​​​​t]

i​​​​f yo​​​​u hav​​​​e b​​​​e​​​​en thi​​​​nki​​​​ng of go​​​​ing to​​​​ the co​​​​ps, o​​​​ka​​​​y, thi​​​​s ema​​​​i​​​​l ca​​​​n no​​​​t b​​​​e tra​​​​ced ba​​​​ck to​​​​ m​​​​e. i​​​​ ha​​​​v​​​​e dea​​​​lt wi​​​​th my mo​​​​v​​​​es. i​​​​ am no​​​​t a​​​​tt​​​​empti​​​​ng to​​​​ ask yo​​​​u fo​​​​r a​​​​ whol​​​​e lo​​​​t, i simply want to​​​​ b​​​​e pa​​​​i​​​​d fo​​​​r. You no​​​​w have o​​​​ne day to​​​​ pa​​​​y. i​​​​’v​​​​e a​​​​ sp​​​​eci​​​​fi​​​​c pi​​​​x​​​​el wi​​​​thi​​​​n this ​​​​ema​​​​i​​​​l m​​​​essa​​​​g​​​​e, a​​​​nd now i​​​​ kno​​​​w tha​​​​t yo​​​​u ha​​​​v​​​​e r​​​​ead through thi​​​​s e-ma​​​​il. if i​​​​ do​​​​n’t r​​​​ec​​​​eiv​​​​e the Bi​​​​tCoi​​​​ns, i defi​​​​ni​​​​t​​​​ely wi​​​​ll s​​​​end your vi​​​​d​​​​eo to​​​​ a​​​​ll o​​​​f yo​​​​ur co​​​​ntacts i​​​​ncludi​​​​ng fa​​​​mily m​​​​emb​​​​ers, co​​​​ll​​​​eagues, a​​​​nd ma​​​​ny o​​​​th​​​​ers. Ha​​​​ving sa​​​​i​​​​d that, if i do​​​​ get paid, i’ll destroy th​​​​e vi​​​​d​​​​eo​​​​ right a​​​​way. it i​​​​s a​​​​ nonn​​​​ego​​​​ti​​​​abl​​​​e o​​​​ff​​​​er thus do​​​​n’t wast​​​​e min​​​​e ti​​​​m​​​​e a​​​​nd yo​​​​urs by r​​​​espondi​​​​ng to thi​​​​s emai​​​​l. i​​​​f you want to ha​​​​ve pro​​​​of, reply wi​​​​th Yea​​​​ a​​​​nd i​​​​ defi​​​​ni​​​​t​​​​ely wi​​​​ll send your vi​​​​deo​​​​ reco​​​​rdi​​​​ng to​​​​ yo​​​​ur 5 conta​​​​cts.

Oh no! Scary, right?

First off, I know it’s a hoax, that’s pretty easy to spot. The broken English is one giveaway. The other clues:

  1. I don’t watch porn on my computer (yes, I realize a lot of people do, which is what makes this scam effective).
  2. My webcam is covered or unplugged when not in use.
  3. That password hasn’t been in use for almost 10 years, and I know EXACTLY where they got it — the Gawker breach back in 2010. This is why we don’t reuse passwords, and this is the breach that taught me that lesson.

It looks like what happened is that someone was skimming email/password combinations out of breach lists, and sending mass emails to everyone hoping to get a hit. All it would take would be a few people out of thousands (or hundreds of thousands) to bite, and they now have a nice little chunk of untraceable bitcoin.

What do you do if this happens to you? Just delete it. Is it a password you’re currently using? Start changing it now. Use a different password on every single site you use, and use a password manager to keep track of them. Use two-factor authentication whenever possible. Also… cover your webcam when not in use. You can call the FBI to investigate, though they probably can’t do much. And, if it makes you feel better, run a complete malware scan on your computer using a tool like Malwarebytes or HitmanPro. Make sure you have good (not free), up-to-date antivirus on your computer.

What do you NOT do? Don’t pay the ransom. Don’t reply to the email. Don’t click any links if there are any.

Our managed clients are covered on the antivirus side. We use a variant of HitmanPro (Sophos Intercept X) to protect your computers from any malware. In some cases, we use Webroot, which also has excellent virus prevention ability. If you’re concerned about your computer, give us a call at 970-639-0629.