Hacked threat email

Trollslayer

There is a trick to that - the displayed address which can be changed so you see someone's name for example - and the header which contains the email address which is the destination.
It's a case of a convenience being subverted.

micaab

Hi

This is now a common cyber attempt. Lots of user ids and passwords are already available on the dark Web for sale.

These be old and previous passwords for other services you have used in the past which have been compromised but they will try a random combination and apply them to other services just in case they get it right and scare you.

Change your password for your email account anyway and switch on multi factor authentication.

Then change any other password where you have used that one.

Cheers,
Andy.

Abacus

Pop over to this site here Have I Been Pwned: Check if your email has been compromised in a data breach and enter your email address(s), this will then tell you if your email has been harvested and in what data breaches it occurred. (NOTE: there are many other ways to get your details out there, but this is probably how they got yours)

Trollslayer is correct in that what you see in an email is not what is behind the scenes.

Bill

trust us

Pay the ransom - or watch me wreck your life: Computer menace that is driving victims to suicide  | Daily Mail Online

Nilanth

I had this very same e-mail yesterday. as suggested  in previous posts i changed my password for my e-mail account and also activated the 2 step authentication.

I was worried for a couple of hours but then rationalized, that the only incriminating "stuff" they could find on me, I could not really give a sh*t about it

Lostsoul 301281

Thanks!!
I've now confirmed which site(Epic Games) it was that my email along with the password mentioned was used on.
I no longer use that site anyway.
I might see if I can log in and close that account.

psf150

I’ve had loads of these. Mine was an old password I used on LinkedIn when it was hacked a couple of years ago.

Ignore them. Move on and forget about it.

And make sure you have 2 factor authentication switched on everywhere that allows it. Just for good practice.

SElwell

I'm an IT manager and have seen a number of these sextortion/hacked password emails. Of all the accounts that I've investigated; some crims haven't even tried accessing the compromised account. The rest have been for accounts that the password has been changed.

There seems to be a trend of speculative demands for money based upon breaches from many years ago. I tend to check the bitcoin wallet to see if anyone has paid the ransom. The last 20 bitcoin wallets I've checked, only two had any payments transferred to it.
scammer bitcoin wallets;
Bitcoin Address 17aJNqdHX2GatX9fKGKUpkWBWEd9fpt7YF - nothing
Bitcoin Address 1LZQGS99RUCvQvT5Qce7LkrWtMtcXPSdWZ - made $50k
Bitcoin Address 32tL4X1gos3QaKJmHdGHnQ8QSvXkGA4gG2 - nothing
Bitcoin Address 15Lrb18j53Sf7mu2T6cYRRG4EEaSXDrEDT - nothing
Bitcoin Address 1CRGbtBcTLdCUjts5dsd6j7tYZZiyLs9x4 - nothing
Bitcoin Address 1DrvtiUtCe2KGnEnVXXvTWkK8xpAbiV5MZ - $1 !!!
Bitcoin Address 1Ptuk8rRD6vdJ3VKHwWhWeDYFhDDi3MYxP - now has $400

My current advice to users is to use a password manager and change all passwords and enable 2fa as psf150 suggested.

Bl4ckGryph0n

Strictly speaking you didn't check the wallet, you checked the address used. Big difference especially for how bitcoin works. Those addresses are owned by real amateur script kiddies, they didn't hack anything, if they did they wouldn't be reusing the bitcoin addresses as now their anonymity is compromised

First time I saw this I sat up and paid attention. But as I never did what they suggest I did it was clear it is a scam and they simply got my password email from a breached service. Bunch of muppets.

Lostsoul 301281

I definitely sh*t myself when I saw the email, hence this thread and asking for advice.
The fact that there was a password I’ve used along side my email address seriously freaked me out.
As I’ve said, it seems it was from a breach of a website I used to use, which I’ve actually been banned from for several years, so there’s no way to change that password anyway.

It’s woth keeping this thread around in case others here receive similar emails.