Go Back  PPRuNe Forums > PPRuNe Social > Jet Blast
Reload this Page >

Threatening emails with our passwords displayed

Jet Blast Topics that don't fit the other forums. Rules of Engagement apply.

Threatening emails with our passwords displayed

Old 29th Jul 2018, 18:54
  #1 (permalink)  
Thread Starter
 
Join Date: Sep 2004
Location: Berkshire, UK
Posts: 660
Threatening emails with our passwords displayed

My partner and I have both been sent threatening emails explaining how we had each been monitored via our webcams, watching porn on our computers. I would have dismissed it as garbage as neither of us has a webcam on our machines but the thing that is playing on our minds though is the fact that the email sent to each of us has one of our passwords in the subject line. We have reviewed which websites we each have which might use the passwords sent to us and have not found any commonality which suggests that it is not a site that has let user data out. The actual passwords are not current on anything important (no banks, email services or anything that messes up your life if it goes astray).

We have also run our system scans to look for active nasties and found nothing worrying. What else should we check?

Is it likely to have been logged by something in our systems or something that escaped from somewhere we log into? We can't figure out the process which let the scumbags get our passwords.

I did have my Amazon account hacked (they deny it but stuff kept getting bought on my account using the credit card that they held) but since I canceled that card and changed my Amazon password it has been OK. My partner does not use the leaked password on her Amazon account and never has done.

Are any of the crime prevention or fraud investigation agencies likely to be interested this issue? Mailwasher deleted my copy, I can't get it back as I only have the free version.

Ta,

Rans6............
rans6andrew is offline  
Old 29th Jul 2018, 19:08
  #2 (permalink)  
Thread Starter
 
Join Date: Sep 2004
Location: Berkshire, UK
Posts: 660
ps. I wasn't sure whether to post this here or in Computer problems area. Feel free to move it Mods.
rans6andrew is offline  
Old 29th Jul 2018, 19:09
  #3 (permalink)  
 
Join Date: Feb 2004
Location: A place with no name
Age: 42
Posts: 144
Rans - that's horrid. You're going to hate me but in all honesty, if I were you I would do the following;

1. Backup entire computer(s)
2. Reinstall OS from scratch
3. Reset ALL passwords you have (Bank, Amazon, TV, phone - everything)
4. Reinstall all applications
5. Change all pin numbers where you have them

I may sound like I am scaremongering, but just earlier this year I worked with a company who had been impacted to the tune of 50K - while they had cyber insurance it was still a big hit. Granted you are a home user, but my advice still stands - protect the hell out of yourselves!

Anyhow - you may get a faster pooter after all that nonsense anyway!

Cheers

SB
SoundBarrier is offline  
Old 29th Jul 2018, 19:13
  #4 (permalink)  
I don't own this space under my name. I should have leased it while I still could
 
Join Date: Dec 2002
Location: Lincolnshire
Age: 76
Posts: 16,570
Check if a copy is still on the server.

Action Fraud will only take action if the fraud originates in UK.

If you can recover the message contact your ISP if your email address is on their server. If Hotmail or Gmail or Yahoo try and contact them.
Pontius Navigator is offline  
Old 29th Jul 2018, 19:17
  #5 (permalink)  
Thread Starter
 
Join Date: Sep 2004
Location: Berkshire, UK
Posts: 660
If you do a backup doesn't this just allow the nasties in your system to get carried through when you retrieve the backed up archive?
rans6andrew is offline  
Old 29th Jul 2018, 19:20
  #6 (permalink)  
 
Join Date: May 2004
Location: Москва/Ташкент
Age: 49
Posts: 781
Could you show us the letters (with anything that identifies you deleted)? Or the full e-mail X-headers (without your e-mail address exposed).

Sounds like a mass-mailing scam... password probably purchased along with thousands of others from somebody who managed to pull them from an insecure e-commerce/e-mail/other server, or some application both of you use that is not so common, malware disguised as third-party security software for example, I don't think you were targeted specifically, likely one of thousands.

That they must have emailed you provides a link to them in some way, you should look at the full e-mail headers and see if any clue from there, variety of tools you can use in fact.

One thing I can state fairly confidently is don't be worried, it most definitely is a scam. As for watching porn on the computer, I'd email them back and ask them if they'd like any recommendations.
flash8 is offline  
Old 29th Jul 2018, 19:24
  #7 (permalink)  
 
Join Date: Feb 2004
Location: A place with no name
Age: 42
Posts: 144
Originally Posted by rans6andrew View Post
If you do a backup doesn't this just allow the nasties in your system to get carried through when you retrieve the backed up archive?
I always start with a backup - depending on how you do it - you *could* browse the backup to get specific files you may need with reduced risk of reinfection. Again dependant on the source of the issue.
SoundBarrier is offline  
Old 29th Jul 2018, 19:26
  #8 (permalink)  
 
Join Date: Feb 2016
Location: Southport
Posts: 1,053
It's a scan. They will possibly have pulled a password from one site that has been compromised, and assumed that you reuse the password on other sites (as a lot of people do). Change your password on every site you can, and especially any email providers, then ignore it.
andytug is offline  
Old 29th Jul 2018, 19:27
  #9 (permalink)  
 
Join Date: Feb 2016
Location: Southport
Posts: 1,053
It is a lot harder to monitor people via a webcam than the Internet would have you think
andytug is offline  
Old 29th Jul 2018, 19:36
  #10 (permalink)  
 
Join Date: May 2004
Location: Москва/Ташкент
Age: 49
Posts: 781
It is a lot harder to monitor people via a webcam than the Internet would have you think
I disable the webcam in the BIOS and place a sticker over the camera (a trick I saw Mark Zuckerberg use). If I could have purchased the machine without one I would have!

Agreed almost impossible to remotely gain access to the camera and many have an LED by the lens indicating in use.
flash8 is offline  
Old 29th Jul 2018, 19:41
  #11 (permalink)  
Thread Starter
 
Join Date: Sep 2004
Location: Berkshire, UK
Posts: 660
if I was going to watch porn, a glacially slow netbook with a 10 inch screen (the only machine we have with a webcam built in) is not going to be the obvious machine to use.
rans6andrew is offline  
Old 29th Jul 2018, 19:46
  #12 (permalink)  
 
Join Date: Nov 2000
Location: Cambridge, England, EU
Posts: 3,415
Everybody gets those emails, what's different is the password. If it's an obsolete password that's not being used any more then that's probably no big deal - the criminals just bought a list of password-email address pairs off some other criminals who'd got it from hacking some compromised web site. As you don't re-use passwords for stuff you care about, do you, you're probably not at any risk. (You might be able to guess my PPRuNe password - but it wouldn't get you into my email or bank account.)
Gertrude the Wombat is offline  
Old 29th Jul 2018, 19:59
  #13 (permalink)  
 
Join Date: Mar 2009
Location: Inside
Posts: 285
By the look of things, they must a pretty penny those guys who send out those emails. Who was it that coined the phrase "There's on born every minute...."?
One Outsider is offline  
Old 29th Jul 2018, 21:19
  #14 (permalink)  
 
Join Date: Nov 2003
Location: Surrey
Posts: 155
I received exactly the same sort of email: would commonality be an issue? There’s this site, for a start......
(although the password quoted is an old one......I did email back asking if they could give me any recommendations, but silence so far....)
gruntie is offline  
Old 29th Jul 2018, 21:36
  #15 (permalink)  
 
Join Date: Nov 2008
Location: Darkest Surrey
Posts: 5,809
Originally Posted by flash8 View Post
I disable the webcam in the BIOS .
How ? as some us may like to do it
racedo is online now  
Old 29th Jul 2018, 21:57
  #16 (permalink)  
 
Join Date: Jul 2010
Location: Newcastle Upon Tyne
Age: 50
Posts: 1,324
Delete. Don't sweat it, get on with your life. 99% of scam emails can be dealt with like that.
Tashengurt is offline  
Old 29th Jul 2018, 22:36
  #17 (permalink)  
 
Join Date: Aug 2007
Location: Brazil
Posts: 67
Any responsible website stores passwords as hashes (i.e. encrypted). So the perps must have got them off some site that stored them as clear-text. If they're that incompetent it's no wonder they got hacked.
belfrybat is offline  
Old 29th Jul 2018, 22:44
  #18 (permalink)  
 
Join Date: May 2004
Location: Москва/Ташкент
Age: 49
Posts: 781
Any responsible website stores passwords as hashes (i.e. encrypted). So the perps must have got them off some site that stored them as clear-text. If they're that incompetent it's no wonder they got hacked.
Could have been encrypted, just using the old weak crypt library (*nix) and used by poor developers... the algorithms in that library were so poor as to be laughable... still crypt probably originated in the early 70's when computing power was trivial compared to today.
As you say could have been plaintext in some MySQL database that was then hacked.
My advice is to change passwords every six months or so, even if by one character.
Problem is its a right pain in the ass ))
flash8 is offline  
Old 29th Jul 2018, 23:17
  #19 (permalink)  
 
Join Date: Oct 2004
Location: California
Posts: 246
Originally Posted by rans6andrew View Post
My partner and I have both been sent threatening emails explaining how we had each been monitored via our webcams, watching porn on our computers.
Interesting. I received a similar email this morning. The password was one I was using with AT&T (now changed). Looks like a data breach somewhere. Malwarebytes didn't find anything on my machine.
MarcK is offline  
Old 29th Jul 2018, 23:18
  #20 (permalink)  
 
Join Date: Jun 2009
Location: UK
Posts: 76
Emails and passwords are gathered from the dark web as a result of someone hacking some site and posting the results. Many people foolishly re-use passwords on many sites so hacking the least protected gets access to the more secure ones . . .
Cross that with the increasingly clever social-engineering of Internet scammers and you have the " I own your system (and to prove it I sent you an email) scams

Your webcam has NOT been hacked and you DON'T need to pay them 6 trillion in bitcoins

DON'T RE USE PASSWORDS,, if you have change them NOW. You really don't need to wipe your PC /gargle with bleach / stand naked in a thunderstorm if you have a decent anti virus app installed.
Jetstream67 is offline  

Thread Tools
Search this Thread

Contact Us Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.