AN IT company has warned of a new online sextortion scam which they say is 'causing a lot of misery and stress' to computer users by sending them their own hacked passwords.
The phishing email is causing panic to many users because it identifies one of their account passwords and claims it has information on their online activity, which they will share to family and friends unless paid ,200 in bit coin. Dash.ie in Dundalk, Co Louth has asked people to be vigilant after receiving up to 15 calls a day from 'stressed out' customers across the country who have received the email over the last few weeks.
Their customer base includes dozens of clients from Meath, some of whom have rang the company worried about how their password had been taken. But the email appears to have spread nationwide now and users in other counties are also being affected.
The email states: ‘I'm aware ...is your password. You don't know me and you're probably thinking why you are getting this mail, right? Well I actually placed a malware on the adult video clips (porno) web site and guess what, you visited this website to experience fun (you know what I mean). ‘While you were watching video clips, your internet browser started out working as a remote desktop with a key logger which gave me access to your display screen as well as web camera.
‘Just after that, my software program gathered every one of your contacts from your Messanger, Facebook and email.’ It then offers the user a chose to pay them ,200 through bitcoin within 24 hours or face the video being sent to all their contacts. Unbelievably, the phisher says it only wants the money as compensation for time spent investigating them and warned that the 'cops' won't trace him.
Managing director of Dash.ie, Dalton Dullaghan told his local paper The Meath Chronicle this week that people should not panic, not email the fraudster back, change all of their passwords and turn off their webcam when not in use. ‘We've been getting a lot of calls from stressed out people on this sextortion scam that's doing the rounds at the moment,’ he said.
‘On average, the passwords that I have seen have been ones that the users actually do have in use on the internet at various places which adds a sense of realism and panic to the email.
‘Most likely, an account associated with the email address has been compromised at some point – such as the well documented breaches in Facebook and LinkedIn - and the criminal is using details already available on the dark web.
‘I would be very worried that this kind of email could have tragic consequences on a vulnerable person who may be driven over the edge by this.
‘Never pay the bad bounty and turn on the two step authentication of all accounts where possible.’