THE DUTCH NATIONAL ANTI-FRAUD HOTLINE

Something fishy?
Report fraud to us between 09.00 and 17.00 Monday to Friday.

Porn blackmail scammers using public passwords

13 July 2018

Scammers have come up with a new version of the blackmail scam email. They’re sending out messages in English that start off with: “I know xxxx is your password”. Unfortunately, the password shown happens to be in use by the recipient.

Next, the email suggests that you were caught on camera while visiting a porn site. In addition, the scammers have hacked your computer. They’re demanding a certain amount in bitcoins.

We’ve warned about similar blackmail scam emails before. As far as we can tell, the difference with the one circulating now is that the victims are people whose email addresses and passwords were published online in 2016 following a hack. The blackmailers are using these lists of leaked passwords to put their targets under pressure.

Here’s an example of such an email (click to enlarge):

Our advice
Don’t respond to this email. The sender uses information that is publicly known. There’s nothing that can be done about it. It’s unrelated to any possible visit to a porn website. Your computer has NOT been hacked.

Because the blackmailers are using passwords that have been put online, you are advised to change these password immediately on all the sites where you use them. Use a unique and strong password for each website.

For convenience and ease of use, you may want to check out a password manager.  The advantage is that you will only need to remember a single password (sentence). There are quite a few free password managers, such as 1Password, LastPass and KeePass. Severalconsumer and computer websites offer good overviews and user manuals.