Sextorsion with “real” data – Do not pay!

If you have received an email with the subject “Yuor password – ”, don’t freak out immediately. Yes, the “yuor” is written wrong, but this is how the fraudsters wrote it, not the author of this article.
The fraudsters have used a dump with the email addresses and passwords from some hacked website, where you have registered with that email address and password. So, yes, they are real.

The email is pretty convincing, and if you don’t think a bit, some people might be inclined to actually believe that it is true.
But, it isn’t… it is just an automated email, created from the list of recent dumps made public.
You can see for yourself here more details: I recommend to enter your email address there as well, and you will receive notifications if your email appears in some dumps.

How to recognize these scams

Let’s have a short look at this email, so that you know in the future how to recognize them:
1. No fraudster would write his/her real name and email address. A simple search on the “From” of this email shows a normal person, who might have his/her email hacked.
2. Look at the language: are they many typos? Then probably is fake.
3. Is it too incredible to be true? By “incredible” I mean things like “grabbed all your personal data”, “switched on your webcam”, “saved your contact list”. While non of these is impossible to achieve, it is not easy to make something like this. Unless you are NSA .
4. A lot of nonsense?
“As soon as you view the message I’ll know it right away.“
This implies a „Read receipt“ to be set, which the email did not have set.

„This address is connected to you, my system will delete everything automatically after transfer confirmation.“
Well, the address is spoofed, belonging to a real person, so there is no way that the fraudster knows anything.

Not all recipients understand

Unfortunately, by looking at the bitcoin wallet specified in the account, we could see that there were 10 payments done at the time of writing this article. Each of these is about 500USD, summing up to over 5000 USD.


What to do?

Just ignore the email and do not pay.
If you know that you still use that password, change it immediately on all portals/website where you used it. If you don’t remember anymore where you used it, then look at the email address where you received the email and try to remember where you have used it. A good indication is to look in the Inbox of the account and take all websites from which you received the emails one after the other.

© Copyright 2018 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check for seeing the consulting services we offer.

Visit for latest security news in English
Besuchen Sie für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: