We have had some reports of people seeing so called “Save yourself“ email scam. The emails have the subject line similar to: Save yourself, Dirty video of you, Seen everything, Recorded you, I know everything, You better pay me, Your privacy and mainly sent from addresses that look like these: SaveYourself16@0870.com, saveyourself23@2182.com, SaveYourself28@7261.com, SaveYourself90@4276.com, and so on.
This email scam is a new variation on Bitcoin Email Scam. What is Bitcoin Email Scam? It is an email message from someone claiming to have compromising information and demanding ransom via Bitcoin to keep this from becoming public.
Our team continue to receive reports of fraudulent messages. Here below is an example of the latest variation of the “Save yourself” email scam:
Hi, I know one of your passwords is: xxx Your computer was infected with my private malware, your browser wasn't updated / patched, in such case it's enough to just visit some website where my iframe is placed to get automatically infected, if you want to find out more - Google: "Drive-by exploit". My malware gave me full access to all your accounts (see password above), full control over your computer and it also was possible to spy on you over your webcam. I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF! After that I removed my malware to not leave any traces and this email was sent from some hacked server. I can publish the video of you and all your private data on the whole web, social networks, over email of all contacts. But you can stop me and only I can help you out in this situation. The only way to stop me, is to pay exactly 800$ in bitcoin (BTC). It's a very good offer, compared to all that horrible shit that will happen if I publish everything! You can easily buy bitcoin here: www.paxful.com , www.coingate.com , www.coinbase.com , or check for bitcoin ATM near you, or Google for other exchanger. You can send the bitcoin directly to my wallet, or create your own wallet first here: www.login.blockchain.com/en/#/signup/ , then receive and send to mine. My bitcoin wallet is: 1EQSAqbFwiZhpHrg6Wy4xhySc9fPpt7DQw Copy and paste my wallet, it's (cAsE-sEnSEtiVE) You got 3 days time to pay. As I got access to this email account, I will know if this email has already been read. If you get this email multiple times, it's to make sure that you read it, my mailer script is configured like this and after payment you can ignore it. After receiving the payment, I will remove everything and you can life your live in peace like before. Next time update your browser before browsing the web!
Is this threat real?
Good news: thankfully, it’s fake. This email message is nothing more than a new Bitcoin Email Scam. Scammers got your password and associated email address from data breach dumps and are using it to shake you down.
Stolen Password
What makes this email scam different?
I know one of your passwords is: xxx … My malware gave me full access to all your accounts (see password above), full control over your computer and it also was possible to spy on you over your webcam.
It has your stolen password and uses that information to make itself appear real. The extortionist actually found it in data breach dumps. If the password emailed to you is one that you still use, then stop using it and change it right now!
Threat Summary
Type | Bitcoin Email Scam, Phishing, Scam, Fraud |
Subject | Save yourself, Dirty video of you, Seen everything, Recorded you, I know everything, You better pay me, Your privacy |
Sender | SaveYourself**@****.com (Examples: SaveYourself16@0870.com, saveyourself23@2182.com, SaveYourself28@7261.com, SaveYourself90@4276.com) |
Ransom amount | $800 |
BTC Wallet | 1EQSAqbFwiZhpHrg6Wy4xhySc9fPpt7DQw |
Distribution method | spam email campaigns |
Removal | To remove Save yourself spam virus our computer security experts recommend use the removal guide |
What to do when you receive “Save yourself” Bitcoin Email Scam
If you — or someone you know — gets an email like this, below are some easy steps which you need to follow:
- First and foremost, do not pay the cyber criminals!
- If the password emailed to you is your current password, then you should change it everywhere it’s in use.
- Use two-factor authentication wherever possible.
- We recommend creating a new password when you set up a new account.
- Report it immediately to your local police, and the FBI.
- It is a good idea to run a malware scan on all your devices to be sure that there is no malicious software installed.
- Install an anti-phishing software.
How to scan your computer for malware
Using a malicious software removal tools to detect and remove malware hiding on your machine is probably the simplest solution. We advises the Zemana AntiMalware program for Microsoft Windows PCs. Hitman Pro and MalwareBytes Free are other anti malware tools for Windows that offers a free malicious software removal.
Zemana Anti-malware is a malware removal utility. Currently, there are two versions of the application, one of them is free and second is paid (premium). The principle difference between the free and paid version of the utility is real-time protection module. If you just need to scan your PC system for malicious software and get rid of malware, then the free version will be enough for you.
First, visit the page linked below, then click the ‘Download’ button in order to download the latest version of Zemana AntiMalware.
164117 downloads
Author: Zemana Ltd
Category: Security tools
Update: July 16, 2019
After the download is complete, close all software and windows on your PC. Double-click the install file called Zemana.AntiMalware.Setup. If the “User Account Control” prompt pops up such as the one below, click the “Yes” button.
It will open the “Setup wizard” that will help you set up Zemana Anti Malware (ZAM) on your computer. Follow the prompts and do not make any changes to default settings.
Once installation is done successfully, Zemana Anti Malware will automatically start and you can see its main screen like below.
Now press the “Scan” button to detect malicious software. This procedure may take quite a while, so please be patient. While the Zemana tool is scanning, you can see count of objects it has identified as being infected by malicious software.
When that process is finished, Zemana will display a screen which contains a list of malware that has been found. Review the scan results and then click “Next” button. The Zemana will remove malicious software and add all security threats to the Quarantine. After the clean up is complete, you may be prompted to reboot the computer.
How to protect yourself from phishing web-sites
It is important to use ad-blocker programs like AdGuard to protect your system from phishing web-pages and harmful websites. Most security experts says that it’s okay to block unwanted advertisements. You should do so just to stay safe!
- Installing the AdGuard is simple. First you’ll need to download AdGuard from the following link. Save it on your Microsoft Windows desktop.
Adguard download
26660 downloads
Version: 6.4
Author: © Adguard
Category: Security tools
Update: November 15, 2018
- After the downloading process is complete, start the downloaded file. You will see the “Setup Wizard” program window. Follow the prompts.
- After the installation is complete, press “Skip” to close the installation program and use the default settings, or click “Get Started” to see an quick tutorial that will help you get to know AdGuard better.
- In most cases, the default settings are enough and you do not need to change anything. Each time, when you start your personal computer, AdGuard will start automatically and stop unwanted ads, block phishing web-pages, as well as other malicious or misleading websites. For an overview of all the features of the program, or to change its settings you can simply double-click on the icon called AdGuard, that is located on your desktop.
Finish words
If you have been the target of the Save yourself” Email Scam or similar Bitcoin Email Scam, then please drop me a line. And stay safe!.
I received 2 save yourself emails with different passwords. I use different passwords for different sites. One was an old one for Zappos and another was a current one for Myfitnesspal. I use the paid Bitdefender. The perp would have to received info from 2 separate dumps. My PC is the only common denominator, and I received them fairly close together. My ipad and iphone have never used the Zappos password. If those 2 firms both use the same server service, that would explain it.
The first one I got had one of my passwords which did freak me out, but obviously I knew it was a scam so I just changed that password on every account I used it for and I haven’t gotten another email with that password referenced. But I am now getting like one email a day referencing a different password that I’ve never actually used anywhere, it doesn’t mean anything to me, so I’m struggling to figure out where they got that password from in relation to my email address. Is there any way to stop the emails from coming altogether? They go to my spam folder, but they’re still disconcerting.