Over the last couple of months, email scams from cybercriminals have been hitting us, our clients and a lot of others who have shared copies one particular scam email across online forums to seek advice. When we first saw the email, it was a little concerning due to the sensitive information quoted in the email.
Since we have had clients receive this email over the last few weeks as mentioned above, we will try and eliminate some of your stress and give you some advice on what to do in the instance of receiving this email.
Firstly, to give you a bit of an insight, the email has been generated from a cybercriminal, possibly a ‘botnet’. A botnet is basically a network of compromised computers used by cybercriminals/hackers to send out spam and phishing emails.
The email that we have come across looks similar to this one:
Although this email does contain some poor grammar, the cybercriminals that put this particular email together have done this very well in order to blackmail the recipient into paying a substantial amount of money in 48 hours, believing that their data will be destroyed.
After reading the email, we immediately looked up the email address that the email was sent to on a site that confirms whether the email address has been compromised in a data breach – https://haveibeenpwned.com. We did discover a couple of breaches through the search for the email address in question, which is not uncommon and has been reported in the media over the last few years. If you do look up your email and discover a few breaches and haven’t changed your password since the time of the breach, we recommend that you do this immediately.
We suspect that this breach occurred quite some time ago as it contained a password that isn’t in use anymore (one being over 10 years old). You will note that some breaches occurred 5-10 years ago but were only reported in the last couple of years. In this specific instance as well, the email address that this was sent to wasn’t associated with any social media accounts (as mentioned), so this eliminated any panic. For those that we know who have received the email, it has contained an old password no longer in use. If you know that this is definitely an old password that hasn’t been used in years, there is probably nothing to worry about. However, if it contains a current password, our advice would be to change your email password immediately and make sure none of your current accounts use the password quoted in the email.
Generally speaking, an email like this should land in your spam/ junk mail folder. However, if do you receive this email in your inbox and it contains an old password you used to use or receive any email similar, check your email address on https://haveibeenpwned.com and make sure you have changed your passwords for any services that come back as compromised. Be sure that you aren’t using the password quoted in the email for any other logins.
In having said all the above, if you have any concerns at all, please contact our friendly techs who will be happy to go through this with you. It is better to double check these things just to be sure as a precaution, as unfortunately you can never be too careful when it comes to your privacy and your data. They can talk to you through the email and scan your computer for any potential malware threats etc.