A little something about everything

Internet marketing and website development made simple.

It appears that, ($om3o1dP@$$w0rd), is your password. You might not know me and you are most likely wondering why you're getting this e-mail, right?

So I've had several clients call me with these questions: What is this? Do I have a virus? Is my account compromised? What should I do?

First off, if you are still using the password in the email, go change your passwords! It's also a good idea to use separate email addresses for work, personal finance and social media sites.

What is this?

These emails are being sent by scammers that have come into possession of compromised social media databases that included your email, unencrypted or poorly encrypted passwords and other info such as contacts. 

Do I have a virus?

Perhaps, but it's not related to this email. Scan your system with a reputable antivirus scanner.

Is my account compromised?

If you are still using the same email address and password for any website, device or application, then yes! You should change your password immediately.

What should I do?

Don't send the scammers anything, and never send them money no matter what. Check your accounts for weak passwords and update them. Always use https and verify you are on the correct website. Don't share anything on social media that you don't want people to know: it's not secure, and at some point it very well could be used in the next database breach to try and extort money from you.

Here is the email example:

Subject Text:

somee-mail-address-you-used@social-media-site.compromised:$om3o1dP@$$w0rd

Body Text:

It appears that, ($om3o1dP@$$w0rd), is your password. You might not know me and you are most likely wondering why you're getting this e-mail, right?

in fact, I put in place a malware on the adult videos (porno) web site and you know what, you visited this website to have fun (you know very well what I mean). During the time you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) which provided accessibility to your screen and web cam. and then, my software programs obtained all of your current contacts from your Messenger, Outlook, Facebook, in addition to emails.

What did I really do?

I produced a double-screen video. First part shows the recording you're seeing (you have a good taste haha . . .), and 2nd part shows the recording of your web cam.

what exactly should you do?

Well, in my opinion, $1100 is really a fair price for your little secret. You will make the payment by Bitcoin (if you don't know this, search "how to purchase bitcoin" search engines like google).

Bitcoin Address: [some scammers bitcoin address] (It's case sensitive, so copy and paste it)

Very important:
You've one day in order to make the payment. (I've a completely unique pixel within this e mail, and at this moment I know you have read through this email message). If I do not get the BitCoins, I will certainly send your videos to all of your contacts including relatives, co-workers, and so on. Having said that, if I get the payment, I'll destroy the recording immidiately. If you want evidence, reply with "Yes!" and i'll certainly send out your videos to your # contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by responding to this message.


 

Using an SSL Certificate for RDP

Create and install a certificate using IIS, or import a .pfx file. The cert can be SHA256 or whatever you want.

Open your Cert Manager:

  • Run/open "MMC"
  • File, Add/Remove Snap-in, Certificates, OK
  • Expand the folder with your cert (generally Personal, Certificates)
  • Right-click the certificate, Open
  • Details tab: near the bottom, choose Thumbprint and select the hash value
  • Remove the spaces from the hash value
  • Open a Command Prompt with elevated privileges
  • Run the following command, using your SSL cert's thumbprint hash value in place of "HASHVALUE" (remove the quotes):
    • wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="HASHVALUE"
  • It should say "Updating property(s) of ..."
  • Then it should say "... update successful"

That's it, you're done.
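
The same binding done from PowerShell, with the checks worth making before the listener is pointed at a new certificate. This is an added example, not part of the original post. It assumes the default listener name RDP-Tcp and a certificate in the computer's Personal store; the $Thumbprint parameter is a name chosen for this example.

```powershell
# Added example: bind an installed certificate to the RDP listener.
# Run from an elevated PowerShell session on the RDP host.
param(
    # Thumbprint as copied from the certificate's Details tab (spaces are fine).
    [Parameter(Mandatory)] [string] $Thumbprint
)

# Strip spaces and any invisible characters picked up when copying from the dialog.
$hash = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()

# A thumbprint is the SHA-1 hash of the certificate (40 hex digits),
# whatever algorithm was used to sign the certificate itself.
if ($hash.Length -ne 40) {
    throw "Expected 40 hex characters after clean-up, got $($hash.Length)."
}

# The certificate must be in the computer's Personal store, not the current user's.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$hash" -ErrorAction Stop

if (-not $cert.HasPrivateKey)      { throw 'No private key for this certificate on this machine.' }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

# Accept Server Authentication or Remote Desktop Authentication; no EKU list means unrestricted.
$allowed = '1.3.6.1.5.5.7.3.1', '1.3.6.1.4.1.311.54.1.2'
$ekus = @($cert.EnhancedKeyUsageList | Where-Object { $_ })
if ($ekus.Count -gt 0 -and -not ($ekus.ObjectId | Where-Object { $allowed -contains $_ })) {
    throw 'Certificate is not valid for server or Remote Desktop authentication.'
}

# Same WMI class and property as the wmic command, addressed through CIM.
$ns     = 'root\cimv2\TerminalServices'
$filter = "TerminalName='RDP-Tcp'"   # assumption: default listener name
Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter |
    Set-CimInstance -Property @{ SSLCertificateSHA1Hash = $hash }

# Read the value back to confirm the listener now points at the new certificate.
$current = (Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter).SSLCertificateSHA1Hash
if ($current -ne $hash) { throw "Listener still reports $current." }
"RDP-Tcp now uses $($cert.Subject), valid until $($cert.NotAfter)."
```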

How to stay secure online: Passwords, security and compromised sites, Oh my!

Best things to remember for password and email security:

  • Passwords: have a secure password with a minimum of 8 characters, including small and capital letters, 1 or more symbols, and at least 1 number.
    • Don't use easy-to-guess passwords that contain pets', kids', parents' and/or siblings' names or birth dates.
    • Make your password something you would never share with anyone. Many people use a favorite color, food, etc., which they also post to social media sites like Facebook.
    • Separate your passwords: never use the same password for everything. If a website that you use is compromised (update: a recent example is the LinkedIn database compromise), then all of the stuff you use could become compromised. Generally it's a good idea to use three or more passwords with variations of those passwords that you can change around, for example H3l!0WoR!D, Hell0w0r!d, HelloW0rlD. This allows you to use basically the same password in many places, but if one place is compromised it will minimize the impact since you are using variations of the passwords in each place.
    • Try to avoid needing password security questions and hints, and don't give real answers that a potential hacker can find with little effort.
  • Public terminals: don't use public terminals to check your email or bank information, as they can contain key-loggers which will compromise your account to hackers, including government agencies.
  • Free WiFi: don't use public unencrypted free WiFi to send and receive email unless you are browsing and checking email with SSL only (https:// for sites and webmail, or SSL in your email configuration).

This may seem like a lot of work, but identity theft or compromised personal information will be a lot worse.