"Bad News, You Have Been Hacked" Email Scam Reviewed
We have good news for you. First, you're not alone. Thousands of people have received the very same email. Second, neither your operating system nor your email has been hacked (although it seems quite the opposite).
We first heard about this scam from our users who started to contact our support team asking for help. A few hours later that same day we synced with experts from our Anti-Malware Lab and reviewed the case.
Importantly, if you got this email, you are safe and there is no urgent threat to your system or likely even your email. Most likely you’ll need to do some security housekeeping, but you’re not at real risk. We’ll dive into the details later on, but here’s what these scam artists were up to.
Long story short, scammers are trying to trick people into thinking that their operating system has been hacked, that their browsing history and contact list have been stolen, and — most importantly — that they've been recorded watching adult content.
These cybercriminals threaten people to share embarrassing records with the victim's entire contact list unless their demands are met. The demands are pretty standard: a $813 payment in Bitcoins to be made within 50 hours.
Below is our explanation of what happened and a detailed guide what to do if your email has been "hijacked," and you received an email saying "I hacked your operating system and got full access."
Sextortion scam "I greet you I have bad news for you" is manipulation
Email scams are nothing new. Neither are sextortion scams.
The scheme used for this new email scam has been around for years. Despite being hilariously simple, it is quite believable (and we all know that believability is a key component for a successful scam).
- First, hackers made this email look like it was sent from your own account.
When victims see an email sent from their own email address, they quickly jump to the conclusion that their emails have been hacked for real. However, it's nothing but email spoofing — a hacker trick that makes emails look like they've been sent from a legitimate source (in our case, from a victim's own email). It gives the perception of being legitimate, although it is absolutely not.
- Second, hackers say they have recordings of you.
However, they most certainly don't. It's quite typical for cybercriminals to claim that they've got pictures or records of a victim doing something inappropriate. In most cases, though, they provide no other proof rather than words. Spammers send the very same email to thousands of people hoping that at least some will fall for the scam and pay them money. This no-real-proof threat is designed for those who act faster than they think. If hackers had recordings of you, they wouldn’t miss a chance to use them as proof.
- Third, they claim they've obtained control over your operating system and email by installing a trojan via a vulnerability found in your router.
In reality, neither your operating system nor your account has been breached. At least not recently. Most likely, hackers made use of email addresses and passwords that have been leaked in one of the massive leaks such as a sadly remembered Linkedin Breach or similar (you can find whether or not your email has been compromised in a data breach via Have I Been Pwned service).
What to do if you got "I hacked your ecosystem and got full access" email?
- First, do not pay.
Spammers send such emails to thousands of people hoping that at least some will fall for this scam and pay them money. Don't be one of those who do. It's perfectly normal to feel worried when reading such an email, but don't let panic cloud your thinking. It's panic that helped hackers make more than $4 million in their email scam activities.
- Second, change passwords for email and all important accounts.
Having a unique password for each account is one of the basic rules of online security hygiene. To better protect your email and other accounts from unauthorized entries, enable two-factor authentication whenever possible.
- Third, check your computer for viruses, malware, and spyware.
To make sure there are no viruses, malware, or spyware on your device, perform a comprehensive scan and clean up all suspicious files found. In fact, scanning your Mac is something you should do regularly, not just when feeling under the threat of scam. Not only will this minimize your chances of being attacked by scammers, but it will also help your computer perform to its fullest capacity long-term.
The closing word on the recent sextortion email scam
Email scams have become increasingly common these days, especially sextortion ones.
In light of this, there's one thing you need to keep in mind. No matter how unpleasant and believable they might look, such emails are quite innocent unless you fall for them. As long as you simply ignore them, they can do no real harm.
So if you received an email like this, all you need to do is follow 3 steps described above: do not pay, change passwords, scan your computer.