We have just received an email trying to obtain money, blackmailing us saying we have been looking at porn sites etc, which we have not. The worrying thing is that apart from havng our correct email the scammer had our password almost complete, in fact its a password we had used a few years ago. We have been asked to pay $2900 using Bitcoin which of course we are not going to do. Has anyone any idea how this may have happened, that someone out there has our old password along with our email and how we can prevent it being used for any illegal purposes and if we should report it to the police.
First, here are the top tips for staying safe online.
It is worrying if an old password has become known. Even more worrying that your current password(s) are nearly the same as your old one. This in itself is a security issue as the new password may be more easily 'computer-guessed' using the old one as a starting point.
The website https://haveibeenpwned.com/ will tell you if your old email was hacked.
Have a look at this UK Government website: https://www.cyberaware.gov.uk/ In particular check out the password security bit for using an ultra-strong password that's different for each service you use. There's a link to Action Fraud (bottom left) for reporting if you have been a victim of cyber-crime.
We have received one exactly the same today. The password quoted was an old one which I haven't put in to my computer for years. I used it for BHS, Ancestry, Clarks shoes and Boots in the days before it was advised that we didn't use the same password for more than one account. I wonder if any of those accounts have been hacked. Did you have accounts with any of those?
We are ignoring it too as we have nothing to hide. But, like you would like to know where to report it.
I had this 2 days ago and reported it to Action Fraud UK. You should do the same. Scammers asked for $9000 paid in Bitcoin and had part of my email address/user name and an old password, which was changed after the TalkTalk hacking. Whether this was how they got details I don'y know, but I wonder. Sometimes these things have a 'long tail'. I also alerted the scammers' addressto the one given by Action Fraud: NFIBPhishing@city-of-london.pnn.police.uk
They are co-ordinating it wherever you are. Don't part with any money and importantly cover your webcam when you are not using it so people can't take a shot of you and/or watch what you key in on the keyboard. I am now paranoid so that when not in use I switch off and remove the plug from the socket of our 'smart' toaster!
I too have had one of these emails, using an old password. I seem to have got off lightly, I was only asked for $1,000.
Looking on the list from the Have I Been Pwned website, posted above, one of the sites that has been hacked is MySpace. I did create an account on that using the password they quoted, many years ago. I haven't been into it for years and never put any personal information on it, so I'm not too concerned, apart from the fact these sites can be hacked and your password revealed.
I have been changing passwords as a precaution though.
I have received an email which says my Pipex account has been hacked - they appear to have sent the email from my Pipex address (this is my personal name not the system - 4 letters and 2 numbers - one given to me when I joined Pipex many years ago). They state the password which I use for some sites but it is not my Pipex password. I logged onto "My Account". Under "My Details" I selected Login details" and was presented with a screen showing my email account and another which I don't recognize so I deleted it. I changed the password of my account (the letters and numbers one) but this only seems to alter the password for logging into My Account as I can still obtain emails with Outlook using my old password. What am I doing wrong? I can't see my personalised email address. Can I delete my Pipex email and create a TT one so the hacker won't be able to find it or must I always have a Pipex address ?
I too have had a similar email (several times), which demands a bitcoin payment in order to destroy "incriminating evidence" of my internet site visits. They also have camera footage of me watching the sites, which is marvellous, as I don't have a webcam.
I've just come back off holiday to a whole swatch of these 'you have been hacked' things and stuff apparently sent by me which hasn't been. I know know how to find the source and will be sending these to Talk Talk to deal with. BUt I wonder if they do anything about it and how to stop these sill things coming in the first place. I could set up a new email account but it is all the bother of telling my large circle of contacts about a change and I just don't have the time. Talk Talk - it's over to you. Can an ACE help all of us please?
Here's the advice article on Reporting a Scam Email.
The TalkTalk Security Team have investigated and will continue to check out the scam emails. The bitcoin blackmail scam emails investigated early on in this current wave of criminal activity were not being sent from customer accounts as claimed in the emails but from a continually changing set of IP addresses that do get blocked when identified as spam senders.
Once the scammers know your email address it's not that easy to stop them sending you emails. They'll just keep changing to an unblocked IP address. You can always try setting up a filter using the keyword 'bitcoin' to identify and trash the incoming.
Apologies but I've just posted this elsewhere on the forum but think it's better suited here;
I have an old pipex email account that I rarely use having moved provider some years ago but my pipex account is receiving lots of spam emails and I've receive one recently (which has come from my own pipex email address) which says my pipex email has been hacked and accuses me of watching porn and demanding Bitcoin payment. I think it's a scam but I now want to remove my Pipex email address so I no longer receive emails - I've just spoken to TalkTalk and they say they can't help me because I'm not a Talk Talk customer.
Has anyone managed to remove their Pipex address and if so how?
I've replied to your other post that has been moved to the email forum.
Sorry to see you got the "cannot help you because you're not a TalkTalk customer" from the Customer Services, possibly because their priority is to help TalkTalk customers.
But here, on Community, you will find the help you're looking for.