Is the email a Scam?
Your personal data has leaked due to suspected harmful activities email is a ‘sextortion’ scam that relies on psychological manipulation tactics. Scammers claim to have obtained information that could damage the victims reputation. Criminals usually contact potential victims through email, but in some cases, criminals can use online web forms, whatsapp and sms messages.
Scammers use stolen email credentials to send out scam messages to millions of people around the World. The messages are sent to email addresses exposed in previous known data breaches in which the user email address and password has been compromised.
In some cases, sextortion scam emails may contain real passwords that the victim has used in the past (or even uses). Usually passwords are appended to these messages as proof, that is, if the password was actually used by the victim, then what is described in the email is true. Scammers get these real passwords by buying them on darknet.
Here’s an example of the “The “Your personal data has leaked due to suspected harmful activities.” scam email:
- Is the email a Scam?
- Should you pay?
- What to do when you receive the scam message?
- How to spot a phishing email?
- Report Scam Email
The Scam Email in detail
In this particular case, the scam email says that someone calling himself a professional hacker has been watching the victim, because the victim’s computer has a harmful spyware, which is a Trojan that allows the attacker to completely control the computer and even record video from the computer’s camera. The scam email claims that a video was recorded showing the victim masturbating while browsing porn sites. This video will be sent to the victim’s email addresses and messenger contacts if the victim does not pay the ransom to the bitcoin address provided in the email.
The scam email is not the only one of its kind, there are many similar ones. They all have similar features: statement that the victim’s computer and webcam were hacked, threats that the attackers recorded a compromising video, and a ransom demand. Explanations that scammers use to explain how they have access to your camera and privacy:
- They set up malware on adult (porn) website.
- They penetrated with “zero-click” vulnerability on Zoom or Pegasus.
- They got your credentials (login and password) from hackers.
Depending on the scam email, victims are given 24 to 48 hours to pay a ransom in Bitcoin. The sextortion emails also contain claims that the victim’s contact information was stolen, allegedly the hacker copied the victim’s contact list and social media credentials. And finally, Sextortion scams contain threats, the victims must pay a ransom, or compromising materials will be sent to their contacts.
Typically, sextortion scams are sent via email, thousands at a time, and are part of larger spam campaigns. As with many other types of scams, scammers are evolving their methods to deliver their messages to potential victims. Such attacks can be personalized and sent out in smaller numbers to avoid detection. Scammers can use reputable services, change and personalize the content of each message, and avoid including links or attachments – all in an attempt to bypass security.
Full text of the scam email:
I am a professional hacker and have successfully managed to hack your operating system.
Currently I have gained full access to your account. In addition, I was secretly monitoring all your activities and watching you for several months.
The thing is your computer was infected with harmful spyware due to the fact that you had visited a website with porn content previously.
Let me explain to you what that entails. Thanks to Trojan viruses, I can gain complete access to your computer or any other device that you own.
It means that I can see absolutely everything in your screen and switch on the camera as well as microphone at any point of time without your permission.
In addition, I can also access and see your confidential information as well as your emails and chat messages. You may be wondering why your antivirus cannot detect my malicious software.
Let me break it down for you: I am using harmful software that is driver-based, which refreshes its signatures on 4-hourly basis, hence your antivirus is unable to detect it presence.
I have made a video compilation, which shows on the left side the scenes of you happily masturbating, while on the right side it demonstrates the video you were watching at that moment…
All I need is just to share this video to all email addresses and messenger contacts of people you are in communication with on your device or PC.
Furthermore, I can also make public all your emails and chat history. I believe you would definitely want to avoid this from happening.
Here is what you need to do – transfer the Bitcoin equivalent of 850 USD to my Bitcoin account (that is rather a simple process, which you can check out online in case if you don’t know how to do that).
Below is my bitcoin account information (Bitcoin wallet): 12nEVuGNtRFMVjeVmLtD4nt2sHX68S47yH
Once the required amount is transferred to my account, I will proceed with deleting all those videos and disappear from your life once and for all.
Kindly ensure you complete the abovementioned transfer within 50 hours (2 days +). I will receive a notification right after you open this email, hence the countdown will start.
Trust me, I am very careful, calculative and never make mistakes.
If I discover that you shared this message with others, I will straight away proceed with making your private videos public.
Should you pay?
The best advice is: Don’t pay the ransom and do not reply! Sometimes scammers will escalate if you reply. If you receive the sextortion email scam, just ignore the scammers. The best way to deal with the scam email is simply to move it to trash!
|Name||Your personal data has leaked due to suspected harmful activities. SCAM|
|Type||Sextortion, Phishing, Bitcoin Blackmail Scam|
|Ransom amount||850 USD|
|Distribution method||spam email campaigns|
|Removal||If you gets an email like Your personal data has leaked due to suspected harmful activities., our computer security experts recommend follow some easy steps below|
Examples of such scams
There are many sextortion scams circulating via email. Scammers often change the content of emails in order to deceive victims and bypass the security system. I’m a hacker who hacked your operating system, I hacked your device, FINAL WARNING Email are other examples of sextortion scam emails.
What to do when you receive the scam email
We advice to someone who gets this fraudulence message:
- Do not panic.
- Do not pay a ransom.
- If there’s a link in the scam email, do not click it, otherwise you could unwittingly install malware or ransomware on your computer.
- Report the email spam to the FTC at https://www.ftc.gov/.
- Mark the scam email as SPAM/JUNK and delete it.
- Scan your computer for malware.
- Install an anti-phishing software.
If you suspect that your computer is infected with spyware, you accidentally clicked on a link in the scam email, or just want to scan your computer for malware, then use one of the free malware removal tools.
How to spot a phishing email?
Phishing emails often share common characteristics; they are designed to trick victims into clicking on a phishing link or opening a malicious attachment. If you know these characteristics, you can detect phishing emails and prevent identity theft.
Here are some ways to recognize a phishing email
- Inconsistencies in Email Addresses. The most obvious way how to spot a scam email is finding inconsistencies in email addresses and domain names. If the email claims to be from a reputable company, like Amazon or PayPal, but the email is being sent from a public email domain, such as “gmail.com” it’s probably a scam.
- The domain name is misspelt. Look carefully for any subtle misspellings in the domain name. Like arnazon.com where the “m” has been replaced by “rn”, or paypa1.com, where the “l” has been replaced by “1”. These are common tricks of scammers.
- Generic greetings. If the email starts with a generic “Dear”, “Dear sir” or “Dear madam” that is a warning sign that it might not really be your shopping site or bank.
- Suspicious links. If you have the slightest suspicion an email may be a scam, do not click on the links you see. Instead, hover over the link, but don’t click it. This will pop up a small box that contains the actual URL. This works on image links as well as text links.
- Unexpected attachments. Email attachments should always be verified before clicking. Any attachments should be scanned for viruses – especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.).
- The email creates a sense of urgency. Creating a false sense of urgency is a common trick of phishing emails. Be suspicious of emails that claim you must call, open an attachment or click a link immediately.
Report Scam Email
If you receive a scam email that is similar but not the same as the example above, make sure you remove any personal info in this message, then post it as comment on this article. This helps us to warn users about current scams, monitor trends and disrupt scams where possible.