It was not how I wanted to start my morning. I’ve been working on not picking up my phone to check emails first thing. However, this time I succumbed — only to see one of my old passwords as the title of one of my new emails. This grab for my attention was effective. Password as email subject is always a well-designed attention-getter, but not one that I’ll try on my marketing emails.
The email informed me that this individual had my password and had hijacked an unnamed porn website where I, supposedly, was a member. What’s more, this person claimed to have been able to install a keylogger into my browser. He claimed to have used this malware to take over my webcam and catch a video of me watching the alleged Internet porn.
The shady emailer was holding these imaginary videos over my head and threatening to send them to my “six contacts” unless I scanned a QR code and sent 3000 bitcoin. These six unfortunate individuals would also have to endure webcam sex videos of yours truly if I even so much as responded to this email message. The threat failed at being very threatening because I hadn’t visited any porn websites. I was more offended that the email suggested that I only have six contacts. But what was the most threatening is that the emailer DID have an old password of mine — and these days we have so many passwords that who knows where I might have been still using it.
I usually consider myself keen on phishing emails — most I can spot before I even open them. If I get as far as opening one, tell-tale signs alert me that they’re not representing the company that they purport to be. This one wasn’t making any bones about what it wanted to do: blackmail me. I couldn’t take this one too seriously. If someone had a webcam video of me, it would likely be of me in a French class on Zoom, or sitting around in my pajamas and writing or working with WordPress.
According to the FTC website, this email or its twin siblings have been circulating since April this year. Likely they’re related to one data breach or another. The message is the same: we have your password, we have your contacts, we have sex videos you’ve watched, and webcam videos of you watching them. We’ll send them to everyone you know if you don’t send us money.
So, what to do if you get an email like this? My usual response to phishing is to ignore and delete. I chose to report this one to the FTC. I wanted to copy and paste the body of the email message, but the text itself was a photo or pdf and unselectable. So I took a screenshot. However, the FTC’s form didn’t have an upload tool.
What can you do if you get a threatening scam email that threatens to blackmail you and demands bitcoin?
If you receive and email like this and you have not been victimized — that is, no money has changed hands already – you can do the following:
- Do not respond to the email. Do not send money. And don’t panic.
- Change the breached password on any website where you’ve used it (this is always a good idea to do from time to time, anyway.)
- If you’re in the US, you can report the email to the FTC. They have an online form for reporting all types of fraud and scams. They may not respond if the problem goes no further than an email (and it likely won’t), but you’ll have reported it.
- While the FBI has an Internet crime complaint form you can submit, I wouldn’t use that unless I were the victim of actual Internet crime and not just the recipient of a threatening email.
Some Ways to Recognize a Scam or Phishing Email
While this email that I received did not hide its intent to blackmail money out of me, most phishing emails are sneakier. They claim to be from a company: Amazon.com, your bank. Or they may threaten legal action for some vague crime you’ve never committed. An attempt to panic the already-anxious into responding!
My husband and I have become sometimes-connoisseurs of the, especially bad, phishing email. One variation on this that we’ve found amusing is the threatening voicemail. Usually, it’s a male, computer-generated voice that threatens legal action and even FBI involvement if you don’t respond, often to some vague, unnamed crime.
Despite our tendency to laugh at these, though, they’re not truly funny. Email and phone scams prey on people who are not likely to be as savvy to these maneuvers. I’ve known older adults with dementia who have fallen prey to scams with devastating results.
These are the tell-tale signs I see that alert me that what I’m seeing is a phishing email:
- Incorrect grammar. Improper grammar and poor word choices are the hallmarks of many phishing emails that I receive. If you’re in an English-speaking country, Amazon.com sends out emails that are in perfect English. So do banks and any other organization that might have a legitimate reason to email you.
- It doesn’t use your real name. These emails start with something like, “Dear Account Holder” or “Dear Valued Member.” Email from companies like Amazon.com or your bank will include your actual name and not just a placeholder.
- Bad graphics: The best phishing emails are quite good on this front. However, I’ve seen a few in which the low-quality logos immediately clued me in that this was a phishing email.
- Check the email it came from: If you have any valid emails from the company, this email purports to represent, compare the sending email addresses. Do they match up?
If you are in doubt at all, never NEVER click through the email. If there is an actual problem with your Amazon account, you’ll be able to find it by going directly to Amazon and logging in on their website. The same goes for your bank or any other place you hold an account.
We are sorry that you found this post to be like a weak cup of decaf.
Let us improve this post!
Tell us how we can improve this post?