So I've had several clients call me with these questions; what is this?, do I have a virus?, is my account compromised?, what should I do?
First off, if you are still using the password in the email go change your passwords! Its also a good idea to use separate email address for work, personal finance and social media sites.
What is this?
These emails are being sent by scammers that have come into possession of compromised social media databases that included your email, unencrypted or poorly encrypted passwords and other info such as contacts.
Do I have a virus?
Perhaps but its not related to this email. Scan your system with a reputable antivirus scanner.
Is my account compromised?
If you are still using the same email address and password for any website, device or application then yes! you should change your password immediately.
What should I do?
Don't send the scammers anything, never send them money no matter what. Check your accounts for weak password and update them. Always use https and verify you are on the correct website. Don't share anything on social media that you don't want people to know, its not secure and at some point it very well could be used in the next database breach to try and extort money from you.
Here is the email example,
Subject Text:
somee-mail-address-you-used@social-media-site.compromised:$om3o1dP@$$w0rd
Body Text:
It appears that, ($om3o1dP@$$w0rd), is your password. You might not know me and you are most likely wondering why you're getting this e-mail, right?
in fact, I put in place a malware on the adult videos (porno) web site and you know what, you visited this website to have fun (you know very well what I mean). During the time you were watching videos, your internet browser started out functioning as a RDP (Remote Desktop) which provided accessibility to your screen and web cam. and then, my software programs obtained all of your current contacts from your Messenger, Outlook, Facebook, in addition to emails.
What did I really do?
I produced a double-screen video. First part shows the recording you're seeing (you have a good taste haha . . .), and 2nd part shows the recording of your web cam.
what exactly should you do?
Well, in my opinion, $1100 is really a fair price for your little secret. You will make the payment by Bitcoin (if you don't know this, search "how to purchase bitcoin" search engines like google).
Bitcoin Address: [some scammers bitcoin address] (It's case sensitive, so copy and paste it)
Very important:
You've one day in order to make the payment. (I've a completely unique pixel within this e mail, and at this moment I know you have read through this email message). If I do not get the BitCoins, I will certainly send your videos to all of your contacts including relatives, co-workers, and so on. Having said that, if I get the payment, I'll destroy the recording immidiately. If you want evidence, reply with "Yes!" and i'll certainly send out your videos to your # contacts. It is a non-negotiable offer, that being said don't waste my personal time and yours by responding to this message.