Compromised Passwords Being Used in Porn Scam

Compromised Passwords Being Used in Porn Scam

There is a new and prevalent scam going around leveraging compromised passwords and threats to publish porn watching habits unless you pay hush money in Bitcoin.

 

How it often works is that users receive an email with one of their old passwords in the subject line in a format similar to what is shown in the article below by Brian Krebs:

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72
(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immediately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.

 

https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/  

 

New variations reference smartphone hacking but follow a similar pattern.

 

What should you do?  Mark the message as spam/junk or delete the message.

 

Wondering how the scammer knows one of your passwords?  Go to https://haveibeenpwned.com  and enter your email address(es).  This site will let you know about website compromises that may have contained your username and password.  Then, change your passwords on all of those sites.  You can also sign up for alerts so that you are notified if one of your passwords becomes compromised in the future.  Also, please use different passwords for your Wesleyan, personal, and financial accounts so that if one password gets breached, it doesn’t give access to everything.

 

If you are worried about tracking all of those passwords, we are piloting the use of a tool called LastPass for staff and faculty, which helps users manage their passwords.  You can find more information about the tool at https://lastpass.com.  If you want to join our pilot and use the tool, please email security(at)Wesleyan.edu.

 

Stay Safe Online.

 

Antonio Crespo

Chief Information Security Officer