Save yourself, who else is getting this BS?

Ok I apologize, in advanced, if anyone has to watch a video of me satisfying myself , lol. Below is a scam email that I have gotten 4 of, over the last few weeks. The subject is titled: Save Yourself. My step father got the same email, but I guess I'm "worth more" than he is, they only "requested" $300 in bit coin from him but $1400 from me. lol (ps I would not google, drive by exploit. I don't search anything they have listed in the email). Some of the other emails talk about sharing my info (and video) on the dark web etc...and no I have never used a bitcoin, quite frankly I don't even fully understand it, lol.

I am getting so aggravated, this is such bullshit. Anyway, it has been suggested that I forward these scam emails to the FBI. One thing that piqued my uneasiness was they claimed to have a password of mine and they do present it in the email. Interestingly, it was my old one for VMB. I am sure I used it elsewhere, overtime, but that did leave me a little out of sorts in the beginning but now I just laugh when I get these ridiculous emails. Just wondering who else is getting this or a variation of it?
Here is the email (minus the links to their bit coin, oh and my old password):

"Your computer was infected with my malware, RAT (Remote Administration Tool), your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit".

My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won't even notice about it.

I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!

After that I removed my malware to not leave any traces.

I can send this video to all your contacts (email, social network), on the whole web, I can publish absolutly everything I found on your computer!

Only you can prevent me from doing this and you know that's no joke - you got the proof above!

Transfer exactly 1400$ with the current bitcoin (BTC) price to my bitcoin address.

It's a very good offer, compared to all that horrible shit that will happen if I publish everything!"

 

I think the obvious question is link to vid?

 

Shucks, you're making me blush .

 

LOL. Sadly people probably do fall for it, although asking someone to pay in bitcoin probably makes it complicated enough a lot of people won't pay.

 

That particular scam e-mail is quite common according to google.
Unfortunately the scammer apparently has an unlimited number of e-mail accounts so it’s not just a matter of blocking the 1 address.
I started getting that particular one sent to my business email about 2 months ago. I just starting blocking every email I received from them. Sometimes as many as 6-8 a day.
When I block an address or domain it also bounces the email back to the sender. Initially it appeared to increase the volume I was receiving from them but after a month or so it now appears they’ve given up on me as a target.
Hopefully they got tired of the messages getting bounced back.
Spam the spammer.

And change the passwords for any website account you used that particular password for.
And never use a common or the same password for any important online accounts like banking, bills, investments etc.

 

@Tex , yea, the first thing I did was a password overhaul. Granted there might be some obscure sites, that I may have used that particular password for at one time or another. But if there is oh well. But the biggies ( bank, credit cards etc) are all varied. What a hassle. Why some people gotta be so shady?

 

I get them from time to time. Sometimes with an old password, sometimes not. Just to satisfy my own curiosity on what service out there was hacked at some point for them to get my info, I started using random number, letters, and characters generated from my PW manager as passwords, but add the website into the PW so I have a much better idea of where they got it from. example: VMB,a5eg89sbv#5acD9U

So far, not seen any of the new passwords come across and the video of my picking my nose hasn't shown up either
Guess it might help if I had a webcam on the computer for them to get that footage too, huh?

 

I think the obvious answer here is to file a report with the FBI at the link below. Extortion/blackmail is a serious crime.

https://www.ic3.gov/default.aspx

 

You could also run a Whois on the domain and see who hosts it and then file a complaint with the hosting company.
I believe this one may be hosted by godaddy

 

It would be easy enough for a spammer to take a set of data from a breach to list a password that had actually been used in the past. You can use website https://haveibeenpwned.com/ to check and see if your email address has been part of some known data breaches.

Also, I recommend to start using a password manager, so can generate a unique password for each site you create an account for (and if the site allows it, set it to generate a long password). I use LastPass, and I can't imagine not using one (I'm not going to remember a 20+ character passsword). It does a good security check, and can warn you of reused passwords and prompt you to reset them. (You do have a master password for the tool, but easier to remember the 1 versus all, and I change it annually.)

And for the webcam, I keep them covered on all my PCs. Even on my work laptop I have it covered because they started using video on the conference calls. I have some webcam covers i picked up for a couple bucks on amazon. A coworker uses a pink post-it note, and we can tell whenever he joins because the screen goes pink before he disables the camera (which he has just been too lazy to actually change the setting in the app).

 

I like this idea, and think will start doing something like this instead of just using the generated password.

 

Whoa, I better start putting an extra tissue over the camera lens.

 

We’ve begun using first lines of favorite songs for random passwords.
I heard the news today o’boy 68

Or nursery rhymes. It works for us but may not be more effective than any other choice.

 

Yeah, this is most likely the story. Whoever sent the email had access to some breach data, so they got your email and an associated password. They may or may not know which website that combination is for.

The malware thing is just a ruse.

Although from a social engineering standpoint, the satisfying yourself thing may make sense, depends on what breach they have data from.

It's not worth spending any time over, just ignore it.

 

So this is why you are Happy Girl ???

I am so sorry! I couldn't help myself. The situation sucks, and I would be extremely creeped out by it.

 

They have video of me satisfying myself? If watching me eat floats your boat, go for it.

 

My 81 year old saintly sister got the same email, but she's way to savvy to bite on that stuff. There must be money in this sort of thing, I guess. Seems to be ubiquitous in our modern age.

 

Maybe it’s a religious thing. You know......accept this or that as gospel and you...are...saved!!!!

(sort of a short pictorial timeline)

 

About 10 people I work with, including myself, got the same email but it would come from our own email addresses. They would spoof our emails to make it look like you emailed yourself.

We told our IT company and ignored the emails and they eventually stopped sending them.