You might have heard of sextortion scams. It’s basically a cyber criminal who sends emails to people stating that their computer has been hacked. He then goes on and says that their victims (through their webcams) plus browsers have been recorded while visiting porn pages. They then try to get money out of the situation by blackmailing the recipients of their mails.
It’s an easy scam, and not a lot of people fall for it. But the fraudsters have upped their game. In the past they would do so by adding a password from their potential victims to the mail – which of course helped a lot. Some of the scammers were able to make up to 50 000 dollar a week.
According to Bleepingcomputer and Daniel Verlaan, the criminals are stepping up their game though: Instead of just sharing your stolen password with you, they now pretend to have sent the mail from your mailaddress – which is “proof” that they actually have your account data. While the original scam was being sent in dutch, SecGuru found an English version soon after – so expect to see the scam in more and more languages over the next couple of days.
It’s not real – DO NOT PAY!
Most people, of course, would not fall for a sextortion like the above one, even if they were visiting porn pages. Getting a mail that’s seemingly from your own mailadress though looks very convincing and gives the whole story a kind of gravity that could push some very scared individuals to actually pay up.
DON’T! Your secret is still safe. Your friends / spouse / boyfriend / girlfriend / parents will never know what you did. This mail is NOT being sent from your account. It’s just simple mail spoofing – where a mail with a forged sender address is being sent. While some do it as a prank, some want to scam you. Just ignore them and you will be perfectly fine.