A new email phishing scam emerged today that tries to blackmail you for Bitcoin.

A new email phishing scam emerged today that tries to blackmail you for Bitcoin.


Beware of an email message that claims someone has hacked your account. The email message claims that on 06/28/2018 someone hacked your operating system and obtained full access to your account.

Change your password immediately. Your account has been hacked

The email claims that malware is on your device and that “it is useless to change the password, my malware intercepts it every time.”

The purpose of the email is to frighten the target enough to pay the scammer in Bitcoin (BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP or other). For example, the email says that “a month ago, I wanted to lock your device and ask for a small amount of money to unlock” and then further states that they “looked at the sites that you regularly visit, and came to the big delight of your favourite resources.” To add to this the scammer says “I’m talking about sites for adults.”

To make it more frightening the email then says “I made a screenshot of the intimate website where you have fun” and then threatens to send the pictures to your relatives, friends, and colleagues if you do not pay up.

This is just another sextortion scam of the many that have been in circulation, so do not pay the scammer. The email can be frightening because it shows the past or current password to your email account and the message appears to be sent to you from your own account; However, the email was not sent from your own account. A third-party email spoofing service was used and this can be proven by the IP address used to send the email.

If you received an email message that says “I have bad news for you” (or other) and appears to be sent to you from your own email address, ignore it. The message is fraudulent and no one actually hacked your email account and device.

Email message campaigns like this have been making circulation following recent breaches that occurred on websites like LinkedIn and Adobe. To see where your email information may have been leaked from check out https://haveibeenpwned.com/. You can input your email address to locate where your information was leaked.

Here’s what is written in the email message:

Subject: Change your password [your password] immediately. Your account has been hacked.
From: [your email]
To: [your password]

I greet you!

I have bad news for you.
06/28/2018 – on this day I hacked your operating system and got full access to your account [your email]
On that day your account ([your email]) password was: [your password]

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say – you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $988 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
– Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

Here’s a second version of the email message:

Subject: Mail delivery failed: returning message to sender
From: Mail Delivery System
To: [your email]

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

hanea.rasezine@gmail.com
(ultimately generated from [your email])
host smtp.mailchannels.net [52.41.197.171]
SMTP error from remote mail server after end of data:
550 5.7.1 [CS] Message blocked. If this is a false positive, please report this to your hosting service provider. See https://console.mailchannels.net/insights/bounce?auid=[your email host]&sender=[your email]&txid=480f40be1b83dc2b
Reporting-MTA: dns; [your email host]

Action: failed
Final-Recipient: rfc822;hanea.rasezine@gmail.com
Status: 5.0.0
Remote-MTA: dns; smtp.mailchannels.net
Diagnostic-Code: smtp; 550 5.7.1 [CS] Message blocked. If this is a false positive, please report this to your hosting service provider. See https://console.mailchannels.net/insights/bounce?auid=[your email host]&sender=[your email]&txid=480f40be1b83dc2b
Subject: Change your password [your password] immediately. Your account has been hacked.
From: [your email]
To: [your password]

I greet you!

I have bad news for you.
06/28/2018 – on this day I hacked your operating system and got full access to your account [your email]
On that day your account ([your email]) password was: [your password]

It is useless to change the password, my malware intercepts it every time.

How it was:
In the software of the router to which you were connected that day, there was a vulnerability.
I first hacked this router and placed my malicious code on it.
When you entered in the Internet, my trojan was installed on the operating system of your device.

After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.

I want to say – you are a big pervert. You have unbridled fantasy!

After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I took off your joys (using the camera of your device). It turned out beautifully, do not hesitate.

I am strongly belive that you would not like to show these pictures to your relatives, friends or colleagues.
I think $988 is a very small amount for my silence.
Besides, I spent a lot of time on you!

I accept money only in Bitcoins.
My BTC wallet: 15ZHnf1MPn6ybb8yUeAoCQ1AJtiKhg3NrP

You do not know how to replenish a Bitcoin wallet?
In any search engine write “how to send money to btc wallet”.
It’s easier than send money to a credit card!

For payment you have a little more than two days (exactly 50 hours).
Do not worry, the timer will start at the moment when you open this letter. Yes, yes .. it has already started!

After payment, my virus and dirty photos with you self-destruct automatically.
Narrative, if I do not receive the specified amount from you, then your device will be blocked, and all your contacts will receive a photos with your “joys”.

I want you to be prudent.
– Do not try to find and destroy my virus! (All your data is already uploaded to a remote server)
– Do not try to contact me (this is not feasible, I sent you an email from your account)
– Various security services will not help you; formatting a disk or destroying a device will not help either, since your data is already on a remote server.

P.S. I guarantee you that I will not disturb you again after payment, as you are not my single victim.
This is a hacker code of honor.

From now on, I advise you to use good antiviruses and update them regularly (several times a day)!

Don’t be mad at me, everyone has their own work.
Farewell.

As you can see, the email can appear legitimate to many people. But, the same exact message has been sent around the internet to many people and there have been many campaigns like it in the past. For example, a previous email claims that a hacker cracked your email account. If you have never visited an adult website, you will still receive the same message. If your device does not have a camera, they will still claim to have recorded you through your camera.

In conclusion, do not pay BTC to the scammer and do not reply to the fraudulent email message. The only thing you need to do is change the password to your email address and other accounts you have for safe measure.

The email message does not mean that your computer is infected with malware; However, if you would like to scan your computer for malware and other potentially malicious files from your computer we recommended to use Malwarebytes.

Leave a Comment

Your email address will not be published. Required fields are marked *