First of all, don’t panic.
Second of all, don’t pay!
Thirdly… well, read on.
Let’s backtrack – what blackmail emails are we talking about?
The porn viewing blackmail email scam
This one has been doing the rounds for a while now, but I still get copycat emails all the time. Even though it’s been debunked online, when it first happened to me, it was the first time I’d ever heard of it, so it’s worth putting it out there again.
A sinister-sounding email lands in your inbox, telling you straight away that they know that “___” is your password. They tell you something about putting a tracking pixel on your computer and that they know you’ve been watching pornography, and that they have video evidence of you doing something… er, embarrassing.
They tell you that unless you cough up some (wildly varying) amount of money in bitcoin, they’ll send the video to everyone you know, and you’ll die of shame, etc. etc. Even if you’re not susceptible to scams, this one can provoke a gut reaction, since they put your password right in the subject line.
Don’t click on any links!
Seriously, don’t click on any links, and as I said before, don’t send anyone any money. Next, you can start securing your online life (you probably have a squillion passwords to worry about now) – but I’ll explain how to do this below.
Also, you can report the email to Action Fraud in the UK, or the equivalent body in your country.
There is no video, but how did they get your password?
Short story – there is no video, and the whole thing is a scam. So breathe out. Unfortunately, it does mean that at some time in the past, your information was leaked when a site you had logged into suffered a data breach. The scammers then bought the leaked information – emails and passwords – and commenced scaring people en masse into handing over some cash.
So your computer hasn’t been hacked, but your email and password were leaked when a website you used was hacked. Now you’ve got to make sure you don’t use that password anywhere else.
What if I use the same password everywhere else (with a little variation)?
Well then, you’re like most people.
But now you’ve got to stop doing that! Change your passwords everywhere you’ve used that compromised one. Make sure you don’t recycle your passwords, to minimise the chance of this happening again.
Yes, it’s a major pain, but you can use a free password manager service like Dashlane to generate and keep super secure, unique passwords.
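To show why a “little variation” doesn’t protect you, here is an added example (not part of the original post) that checks a list of saved logins for exact copies and near-copies of the leaked password. The names `core` and `audit` and all the sample logins are made up for illustration; in practice you would feed it an export from your own password manager, on your own machine.

```python
import re

# Look-alike character swaps people commonly use to "vary" a password.
SWAPS = str.maketrans({"@": "a", "4": "a", "$": "s", "5": "s", "!": "i",
                       "1": "i", "0": "o", "3": "e", "7": "t"})

def core(password):
    """Reduce a password to its base word so near-copies compare equal."""
    p = password.lower()
    p = re.sub(r"[\d\W_]+$", "", p)  # drop trailing digits/symbols (years, "!", "1")
    return p.translate(SWAPS)        # undo look-alike swaps such as "$" for "s"

def audit(leaked, vault):
    """Return {site: 'exact' | 'variant'} for every login that must be changed."""
    leaked_core = core(leaked)
    findings = {}
    for site, pw in vault.items():
        if pw == leaked:
            findings[site] = "exact"
        elif leaked_core and core(pw) == leaked_core:
            findings[site] = "variant"
    return findings

# Constructed sample data: the password quoted in the scam email, and a
# made-up set of saved logins (hypothetical sites and passwords).
LEAKED = "Sunshine1"
VAULT = {
    "old-forum.example": "Sunshine1",
    "shop.example": "sunshine2019!",
    "mail.example": "Sunsh1ne#",
    "bank.example": "$unshine22",
    "photos.example": "kV9#tq2Lm!xR7pzD",  # generated by a password manager
}

if __name__ == "__main__":
    for site, kind in audit(LEAKED, VAULT).items():
        print(f"{site}: change this password ({kind} match)")
```

Only the randomly generated password survives the check; every “variation” collapses to the same base word as the leaked one, so each of those logins needs a fresh, unrelated password.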
This phishing scam isn’t new…
and it’s not going away, so it seems. Besides using a service like Dashlane, have a look at some of the online security tips in this post for more about keeping yourself safe whilst shopping online.
Have you received this email phishing scam yet?