by adding a password from their potential victims to the mail – which of course helped a lot. Some of the scammers were able to make up to 50 000 dollar a week.
According to Bleepingcomputer and Daniel Verlaan, the criminals are stepping up their game though: Instead of just sharing your stolen password with you, they now pretend to have sent the mail from your mailaddress – which is “proof” that they actually have your account data. While the original scam was being sent in dutch, SecGuru found an English version soon after – so expect to see the scam in more and more languages over the next couple of days.
Most people, of course, would not fall for a sextortion like the above one, even if they were visiting porn pages. Getting a mail that’s seemingly from your own mailadress though looks very convincing and gives the whole story a kind of gravity that could push some very scared individuals to actually pay up.
DON’T! Your secret is still safe. Your friends / spouse / boyfriend / girlfriend / parents will never know what you did. This mail is NOT being sent from your account. It’s just simple mail spoofing – where a mail with a forged sender address is being sent. While some do it as a prank, some want to scam you. Just ignore them and you will be perfectly fine.