An email has been recently spreading that manages to convince it’s recipients that the sender has access to their computer.
And with that access to their computer they have recorded them doing certain activities on their webcam.
They claim that they have obtained their contact list and will send a video they have made from their webcam to all contacts if they don’t pay them a ransom in Bitcoin within 48 hours.
To make the recipient believe they have access to their computer they send in the scamming email certain information.
It could be a password previously used for the account, numbers in their phone number, or they send the email from the recipient’s own address.
Previous passwords from email accounts can be obtained from site hacks that are years old (this is why it’s a good idea to change your password every few months).
You can check if you have had your password leaked here: https://haveibeenpwned.com/
Numbers in a phone number can be obtained easily, sometimes they just click forget password under your email address and a few numbers of your contact details or shown.
I haven’t seen a full contact number disclosed in this situation, but I’m sure they could get full numbers from cross referencing public directories also.
And when they make it look like it has come from your own address, this is a very old technique called spoofing.
Faking email sender addresses is simple for these guys.
All in all, I haven’t yet seen a circumstance where the machine was actually infected from this scam, and they had never had access to their computer, or to their accounts.
You could double check that your machine isn’t infected by doing a free scan with Malwarebytes.
Our free ebook describes in detail how to get into Malwarebytes and make your security more robust.
You can find the ebook here: https://nimblenerds.com.au/wp-content/uploads/A-5-Point-Approach-To-Maintaining-Your-PC.pdf
If you have any concerns after receiving an email like this or anything else, we’re always available for a chat and further service if necessary.
Happy and safe computing!