• Nick Thomas

Password security breaches


Over the past week I've received several calls from customers advising that they'd received a threatening email. The email has come in the form of a threat to privacy, claiming to have video footage of them from their webcam and their pornographic search history, and also claiming that they have access to their facebook account and email contact list. Long story short - don't stress, it's a bluff.

Short story long: The threat is that unless they pay some arbitrary amount of money in bitcoin ( $2000USD seems to the popular figure), that they'll release the data and footage and you'll live out your life in 'much shame and guilty' - their grammar is so quaint. I've received one of these before myself, but I don't even have a webcam... What this usually is is that a website or service (anything that requires a log in) has had its database breached and hackers have gained access to a list of usernames (usually email addresses) and passwords and have then on-sold this information on the darkweb to whomever is willing to pay for it. Now someone has an email address and a password, so they send out a threatening email to as many addresses as they can, giving the password as proof, claiming to have you by the balls (literally, if you're a guy) - it has a lot more gravitas than threatening to screw up all the information on your LinkedIn profile. The website linked to by the image above - Have I been Pwned? - has been around for quite some time now and lists a LOT of email addresses that have appeared in database breaches. You can go to the site, enter your email and see from what breached services your address appears - recently it appears as though part of the Kayo (2018) or LinkedIn(2016) databases are being used for this type of extortion

35 views

Technology Blog

Authorised re-seller of

ESET Antivirus

0409 60 99 44
Joondalup, Western Australia