Bitcoin Email Scam

Bitcoin Email Scam

A new email scam has been circulating over the past few weeks and it has generated a lot of concern so we thought we would address it before anyone falls victim to the scam.

In this new scam, the sender claims to have hijacked your computer using a stolen password to secretly record videos of you viewing adult themed content online. The sender threatens to expose the video to your contact list if you do not pay them Bitcoin.

We've seen several variations to the wording in these emails, but most of them include something like this:

"When you were viewing video clips, your internet browser began functioning as a RDP having a key logger which gave me access to your display screen as well as webcam. Immediately after that, my software program gathered all of your contacts from your Messenger, Facebook, as well as e-mail . After that I created a double-screen video. 1st part displays the video you were watching (you've got a good taste lol . . .), and 2nd part shows the view of your web cam, yea it is u."

Punctuation and grammar issues aside, many of these emails include your password, or at least a password you used at some point in the past. The combination of a threat to reveal sensitive videos and knowledge of what may still be one of your real passwords makes this new scam feel more legitimate than most.

If you received one of these emails, your password was most likely acquired in a data breach along with your username (which is most often your email address). Myspace, Twitter, Yahoo and many other major service providers have announced security breaches over the past few years and it's pretty likely your password was compromised at that point.

We recommend taking a couple of steps to safeguard your accounts.

  1. Delete the threatening email.
  2. Change your email password and your login password for any of the major service providers who have announced a data leak. You should never use the same password for more than one account.
  3. Check to see if your email address is listed in any compromised databases.

For additional reading see these articles:

Posted September 28, 2018

Share this article