Just received a Hacking Threat by email

In summary, the person received an email that threatened them with hacking, and asks for payment to stop. There is no evidence of a virus, and the threat is a bluff. The email's return address is embedded in the header, so it's easy to track. The threat is more likely a result of past corporate breaches, or if the person doesn't use end-to-end encryption. If the person wants to "play" the hacker's game, they can reply to the email asking for proof.
  • #1
WWGD
Science Advisor
Gold Member
7,376
11,342
TL;DR Summary
Someone sent me an email telling me they've hacked me. Not sure what to do
Here's an email I received today,
from

Screenshot_20230720_203209_Samsung Internet.jpg
Screenshot_20230720_203223_Samsung Internet.jpg
 

Attachments

  • Screenshot_20230720_203240_Samsung Internet.jpg
    Screenshot_20230720_203240_Samsung Internet.jpg
    34.3 KB · Views: 104
Computer science news on Phys.org
  • #2
Last part was:
Screenshot_20230720_203240_Samsung Internet.jpg
 
  • #3
What can/should I do?
I'm fully legit, nothing to hide, never watched porn of any type , to be embarrassed.
 
  • #4
Ignore.

I received this type of threat many times. They are just sending this email randomly to anyone and everyone, hoping someone will take the bait. You haven't been hacked in any way.

Even if they did hack you, I doubt such gentlemen would keep their end of the deal if you would pay.
 
  • Like
Likes Greg Bernhardt, ComplexVar89, Math100 and 9 others
  • #5
Yes, there's no evidence of any virus . Thanks.
 
  • #6
This is a common scam. Do nothing except report and delete.
 
  • Like
Likes Astronuc, ComplexVar89, Math100 and 8 others
  • #7
The owner of FreeMathHelp got such a message last year. They threatened to incapacitate the website and put all of his personal information on the web.

The good news: The owner never paid. The hackers got desperate, ruined a few things, and actually started pleading with the owner trying to get him to respond. So far as I can tell, they've given up.

The bad news: We can't contact the owner, either. :doh: We are praying that he's okay.

Still, these types of hackers are petty and really can't do that much unless they run into someone juicy.

-Dan
 
  • Like
Likes e_jane and WWGD
  • #8
WWGD said:
Someone sent me an email telling me they've hacked me.

How did they get your email address. . . any idea? . :oldconfused:

.
 
  • Like
Likes Math100 and WWGD
  • #9
OCR said:
How did they get your email address. . . any idea? . :oldconfused:

.
My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.
 
  • Like
Likes Math100 and OCR
  • #10
WWGD said:
My best guess . . .

Copy that . . .
.
 
Last edited:
  • #11
WWGD said:
Yes, there's no evidence of any virus . Thanks.
It's a complete bluff. If someone had hacked your devices, they wouldn't resort to an email that would possibly go to your junk folder.

Moreover, the text is generic. There's nothing specific to show that they know anything about you except your email.

You could report it to the police, as the perpetrator is commiting a serious criminal offence.
 
  • Like
  • Care
Likes ComplexVar89, Math100, Demystifier and 6 others
  • #12
WWGD said:
My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.
It's more likely your email address was leaked through one or more of the numerous corporate breaches that have happened in the past.
 
  • Like
Likes Math100, .Scott, phinds and 2 others
  • #13
Or, if you want to 'play' their game, reply to the email telling them to "prove it." Tell them to send you two or three of the files they grabbed and you then MAY consider their offer.

If you are in to playing mind games you can keep yourself, and them, entertained for a bit -- until they give up! After all, they have easier suckers to annoy. :oldsurprised:

Cheers,
Tom

p.s. Please keep us updated, we could all use a good laugh now and then.

BTW, emails have a return address embedded in the header that most email applications can display, it is easily hacked by the sender though so is not always accurate. What IS usually accurate is the route the email took thru the various computers (and countries) to get to you.
 
  • Like
Likes WWGD
  • #14
I believe another possibility is that I have posted, submitted pics, attachments , and they used the associated metadata somehow. I submitted it by phone for a while, then I started getting texts from strange sources( I usually get spam phone calls, but not texts.). When I submitted such pics, attachments through my pc, I started getting emails like this one. Because I was not using end-to-end encryption, I believe.
 
  • #15
It wasn't anything illegal, but I was once approached by a company that said that my computer had been hacked and information sent out to the internet. They would (very helpfully) go into my system for me and fix the problems. Knowing better, I asked them to prove that they were legit. The conversation went something like this:
They said:
"Go into (ran me through a series of folders and into a file). This is the number you will see at the top of the file."

I said:
"But if you were the ones that hacked my computer, you would know that."

"No, we didn't hack your computer! We just want to go in and install a program that will search for all of you security problems, then we will fix them."

"I see. But, and please forgive me for continuing this thought, if you had only been able to exploit an insecurity in my system before wouldn't this just give you a chance to completely take over my computer? I can't give you access until I am sure that you aren't going to ruin my computer."

"We wouldn't do that. We are a computer security business."

"Ah! So you are offering to fix the security problems on my computer, and then I am going to be charged for it?"

"Well, the security program we are going to upload and run is going to find all of your security problems and we can talk about what needs to be fixed the most. According to our information you have many faults that someone has apparently created in your system."

"If I have that many faults, wouldn't it be simpler and safer to simply do a hard wipe on the drive and start over?"

"Oh no! That wouldn't fix anything. We can..."

(I stopped listening to anything they said after that and soon hung up. My brother-in-law in IT confirmed at any computer based security faults would indeed be cured by a hard wipe.)

They tried this three more times over the next several months.

I doubt that they were doing anything illegal, I think they were just trying to get me to purchase their security system, but it could easily have been someone trying to gain access.

You can't trust anyone or anything that says you are compromised. If you have any doubts, there are legitimate security companies you can contact that will run a check for you, both on your computer and on the net (for a moderate fee). You can find some by contacting Symantec (the company that runs Norton Security Suite) or McAfee.

-Dan
 
  • Like
Likes WWGD
  • #16
OCR said:
How did they get your email addres
They can just make them up and see which ones bounce.

I wonder how many replies they get like "I have no bitcoins to send you, but I know this Nigerian Princess who has millions..."
 
  • Like
  • Haha
Likes e_jane, Nik_2213, russ_watters and 2 others
  • #17
I got a phone call once that told me my computer had some major problems that they had detected over the last few weeks as they were calling from MS Security, and if I followed their instructions by looking at a certain feature that MS supply built in to Windows, I would see lots of errors, in red, that needed correcting to stay secure.

Intrigued, I decided to keep them on the phone and follow their instructions, and yes there were lots of errors marked in red!

They said I should download their software tool and they would sort things for me. I asked how long they'd been receiving error reports and they said it was because of a virus I received two weeks ago.

When I said this is a new computer I received yesterday (true) and it hasn't been on the internet yet, they got most upset. And called me a scammer. Then I said no, my job is a security consultant advising people about scammers. And when I added that my company tracks where their call is coming from, by keeping them on the phone for a while, they said a rude word or five and hung up. I don't track scammers, but that one usually works quite well.

What was interesting was the errors were real, dozens of them, on a brand new computer. But google revealed they were very common on any new computer (and old ones too, of course) and occurred when installing new software! And it also said just ignore these errors. So the scammers had a way of frightening almost anyone who follows their instructions to see the "problems" they will solve. They solve them by deleting the entries in the list, but then their software now has access to your computer.

My advice about the email? Delete it. It's a scam.
 
  • Haha
  • Like
Likes e_jane, Demystifier, topsquark and 1 other person
  • #18
WWGD said:
My best guess: I go at times to coffee shops whose WiFi is not encrypted end-to-end. I've stopped doing it a few months back.
more likely is some website that had your email was hacked - which is why you should not reuse passwords across accounts. Assume every old email / password combination you have ever used is out there on the dark web
 
  • Like
Likes topsquark
  • #19
DrJohn said:
And called me a scammer.
Whew! "Some people really have a lot of nerve." -- The Roches.
 
  • Like
Likes topsquark
  • #20
WWGD said:
Yes, there's no evidence of any virus . Thanks.
Does that mean that you did a scan? That is worth doing regularly, whether you get a threat or not. I do monthly scans before doing a backup. I don't know if that is enough, but the scans (Norton) have never found anything. I was hit by a virus once about 15 years ago.

PS. If your information (email, etc.) is not out there being sold, you are probably the only person in the country like that. I can tell when mine has been sold again by the fact that I get about 20 virtually identical emails in a day trying to get information from me. I just delete them all.
 
  • Like
Likes WWGD
  • #21
topsquark said:
The owner of FreeMathHelp got such a message last year. They threatened to incapacitate the website and put all of his personal information on the web.

The good news: The owner never paid. The hackers got desperate, ruined a few things, and actually started pleading with the owner trying to get him to respond. So far as I can tell, they've given up.
OK, hang on.

You seem to be talking about a bona fide attack (and one that must have succeeded if they could actually do any damage). I think those are relatively rare enough that private individuals will generally never see one.

As far as I understand, what WWGD and most of us receive is totally phishing - a complete and utter bluff there is zero teeth behind it.
 
  • Like
Likes Klystron, PeroK, FactChecker and 1 other person
  • #22
Well, now I'm not just getting phishing/scam emails, but also scam texts. Britanny from Ukraine wants to meet me. Wait, a Ukrainian woman named Brittany? What's next, Janet from Mongolia?
 
  • Haha
Likes e_jane
  • #23
Pablo is Japanese. It's Boleslaw who is Mongolian.
 
  • Haha
Likes e_jane
  • #24
DaveC426913 said:
OK, hang on.

You seem to be talking about a bona fide attack (and one that must have succeeded if they could actually do any damage). I think those are relatively rare enough that private individuals will generally never see one.

As far as I understand, what WWGD and most of us receive is totally phishing - a complete and utter bluff there is zero teeth behind it.
Yes, the FreeMathHelp attack was real. But, fortunately, they didn't seem to be all that good at it. And they clearly weren't expecting the guy to not respond to them. The damage should be repairable if the owner comes back and restores a backup of the forum software. Only, no one can find the guy!

Yeah, what happened to WWGD seems pretty low key.

-Dan
 
  • #25
I got mine last Friday! It was in my spam folder:

Hi there!

I am a professional hacker and have successfully managed to hack your operating system.
Currently I have gained full access to your account.

In addition, I was secretly monitoring all your activities and watching you for several months.
The thing is your computer was infected with harmful spyware due to the fact that you had visited a website with porn content previously.
╭ ᑎ ╮

Let me explain to you what that entails. Thanks to Trojan viruses, I can gain complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on the camera as well as microphone at any point of time without your permission.
In addition, I can also access and see your confidential information as well as your emails and chat messages.

You may be wondering why your antivirus cannot detect my malicious software.
Let me break it down for you: I am using harmful software that is driver-based,
which refreshes its signatures on 4-hourly basis, hence your antivirus is unable to detect it presence.

I have made a video compilation, which shows on the left side the scenes of you happily masturbating,
while on the right side it demonstrates the video you were watching at that moment..ᵔ.ᵔ

All I need is just to share this video to all email addresses and messenger contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history.

I believe you would definitely want to avoid this from happening.
Here is what you need to do - transfer the Bitcoin equivalent of 610 USD to my Bitcoin account
(that is rather a simple process, which you can check out online in case if you don't know how to do that).

Below is my bitcoin account information (Bitcoin wallet):
16U9wzzbUBDTf6CQFiwd9a9vfpkaC6QwhK

Once the required amount is transferred to my account, I will proceed with deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 days +).
I will receive a notification right after you open this email, hence the countdown will start.

Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.

Have a nice day!
 
  • Like
Likes PeroK
  • #26
Send Dudley Do-Right!*

* A cartoon Mountie, at one time banned in Canada.
 
  • #27
jack action said:
I got mine last Friday! It was in my spam folder:
This is the brave new world where crypto currencies replace traditional banks, without it seems any curbs or sanctions against serious criminal activity.
 
  • Like
Likes Klystron
  • #28
Vanadium 50 said:
Send Dudley Do-Right!*

* A cartoon Mountie, at one time banned in Canada.
Some trivia: Unknown to many, Dudley Do-Right was banned due to a lawsuit from a firm owned by Snidely Whiplash!

It's a fact.

-Dan
 
  • #29
When will this end? Well, probably when the crooks go after the wrong guy.

In the late 70s, a fellow named Tony "Big Tuna" Accardo was burglazrixed. His occupation? Um..."Legitimate Businessman". He didn't even have a lock on his door -who would dare steal from Tony "Big Tuna" Accardo?

Someone did. And that winter, the police kept finding bits and pieces of the gang that did it all over town. And by bits and pieces, I mean bits and pieces.

Someday someone will attempt to scam one of these Legitimate Businessmen. And then they will be "made a 'zample of."
 
  • Like
Likes berkeman
  • #30
My brother received an email threat similar to mine. The day after mine. I survived the threat, still thinking on whether I should try to humiliate the sender.
 
  • #33
PeroK said:
This is the brave new world where crypto currencies replace traditional banks, without it seems any curbs or sanctions against serious criminal activity.
For all I know, traditional banks haven't stopped criminal activities in any way.
 
  • #34
jack action said:
For all I know, traditional banks haven't stopped criminal activities in any way.
Banks are, at least in theory, governed by the law and banking regulations. It's unlikely that you'll wake up one morning to find your bank account empty. And, even if you do, there is a legal process available.

If someone steals your bitcoin, AFAIK, it's gone and you have no means of redress, legal or otherwise.

If the blackmailer's account in this case was with a regular bank, the account could be frozen.
 
  • Like
Likes Motore
  • #35
WWGD said:
TL;DR Summary: Someone sent me an email telling me they've hacked me. Not sure what to do

Here's an email I received today,
from

View attachment 329477View attachment 329478
Only on transaction on this wallet on 7/19 (prior to the email), so fortunately no takers

1690224151294.png
 
Back
Top