The cybersecurity landscape is constantly changing, and there's a new threat to watch out for: extortion emails that contain either a past or current password. We saw a big wave of these emails over the summer and shared a blog post with our community: A Creepy Twist on Ransomware: Using your Hacked Passwords. We're seeing another wave now, with some more variations.
Here's the intro from the new email we're seeing:
"I'm a hacker who cracked your email as well as devices a few weeks back.
You entered your password on one of the websites you visited, and I intercepted it.
Here is the password from <your email address> on the moment of the hack: <an email you will recognize>
Clearly one can change it, or perhaps you already changed it.
Nonetheless, it isn't going to change anything, my own malicious software updated it each and every time.
Do not necessarily attempt to get in touch with me or find me, since I sent you email from your own account.
Via your own email address, I uploaded harmful code to your Operating System.
I saved all your contacts along with friends, acquaintances, relatives, and an entire record of visits to Web resources..."
The email goes on to demand payment to a bitcoin wallet, and references images taken from the webcam. It further says that law enforcement can't help you.
This email, and emails like it, are very scary. The email is made to look like someone hacked into your email account, but in fact it's just a "spoofed" email (the return path is not actually you, but it looks like it is).
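One way to check a suspicious message for the spoofing described above, as an added example that is not part of the original post. It assumes you have the raw headers and that the Authentication-Results header was stamped by your own receiving mail server; the sample messages, addresses and the function name spoof_indicators are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: claims to come from the recipient's own address.
SAMPLE_SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: <alice@example.com>
To: <alice@example.com>
Subject: Your account

I'm a hacker who cracked your email...
"""

# Constructed sample: a real note-to-self sent through the user's own provider.
SAMPLE_GENUINE = """\
Return-Path: <alice@example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass; dmarc=pass header.from=example.com
From: <alice@example.com>
To: <alice@example.com>
Subject: Reminder

Buy milk.
"""


def _addr(msg, header):
    """Return the bare, lower-cased address from a header ('' if missing)."""
    return parseaddr(msg.get(header, ""))[1].lower()


def spoof_indicators(raw_message):
    """List the signs that a 'sent from your own account' claim is forged."""
    msg = message_from_string(raw_message)
    from_addr, to_addr = _addr(msg, "From"), _addr(msg, "To")
    return_path = _addr(msg, "Return-Path")
    findings = []
    # The visible From matches the recipient, but bounces go somewhere else.
    if from_addr and from_addr == to_addr and return_path != from_addr:
        findings.append("self-addressed From, but Return-Path is "
                        + (return_path or "empty"))
    # Results recorded by the receiving server (trust only your own server's).
    auth = msg.get("Authentication-Results", "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        match = re.search(rf"\b{mech}=(\w+)", auth)
        if match and match.group(1) != "pass":
            findings.append(f"{mech}={match.group(1)}")
    return findings
```

An empty list does not prove a message is safe; a non-empty list on a message that claims to be from your own account is strong evidence the sender never had access to it.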
Bad actors can harvest passwords from the dark web and you may recognize the password identified. One of the reasons this scam works so well is that you will likely recognize the password, as many people use the same password or similar passwords for multiple accounts. Threats like this are launched using automated systems, and users who may not be aware of how these threats work could be terrified of messages like these.
We track major breaches on a weekly basis, and also monitor the dark web for compromised credentials. It may take a very long time for a breach to be acknowledged, but with dark web monitoring, you'll get advance notice.
We strongly advise a layered approach to security. Employee security awareness training, password managers, next-generation antivirus, and dark web monitoring are strongly advised to help keep your users secure. The security landscape is constantly evolving and the layers of security you may have put in place years ago are no longer sufficient.
Everyone has a different level of risk they're okay with, and there are probably some gaps that you're not comfortable with. Our mission is to make sure you have the information you need to be aware of the current cybersecurity landscape and to make informed decisions about your acceptable risk level.