You’ve probably seen the news where a staggering 500 million guests of the Marriott group (includes Sheraton, Westin and W) have had their data hacked after staying in the hotels.
As major websites get hacked, and the news says “millions of accounts compromised” – what that often means is that the list of usernames/passwords have been stolen. So now if you use the same password on more than one site, hackers can more easily get access to your other accounts.
A very common email scam
So hackers now email people to extort money, and including passwords where possible to add to the fear.
It’s a common thing lately, to get an email that claims to have your password (and might actually include a password you recognize, maybe current or from 10 years ago). Then say they’ve been watching you, and you’re very naughty, and you should pay them some money (always via bitcoin) to make sure nobody finds out.
Here’s a typical email (we sometimes get as many as 5 a day to various email accounts we have here at Tailored):
“……………………A month ago, I wanted to lock your device and ask for a small amount of money to unlock.
But I looked at the sites that you regularly visit, and came to the big delight of your favorite resources.
I’m talking about sites for adults.
I want to say – you are a big, big pervert. You have unbridled fantasy!!!
After that, an idea came to my mind.
I made a screenshot of the intimate website where you have fun (you know what it is about, right?).
After that, I made a screenshot of your joys (using the camera of your device) and joined all together.
It turned out beautifully, do not doubt.
I am strongly believe that you would not like to show these pictures to your relatives, friends or colleagues.
I think $766 is a very small amount for my silence………………………”
They don’t actually have access to your computer
They don’t actually have access to your account/computer like they claim. But if the email you get actually contains a password you use, you should change that immediately.
Our advice:
1) Don’t pay them any money.
2) If the email includes a password that you’re still using for anything, change that password immediately.
3) You should use a different password on every site, so that if one provider is compromised, your other accounts are not automatically at risk.
The chances are a password you use online will be compromised at some stage. So having that same password across your Internet banking, critical web accounts and more is not a great move.
Hope that helps. As always, any questions please let us know on 07 5534 1228 or here.
Cheers
