In recent months, a new technique aimed at extorting money from Internet users has emerged. These are one or more emails sent to people who had, in the often very distant past, a compromised password. In this email, hackers communicate the compromised password recovered from databases maintained by other hackers and “take care” to describe how they obtained it. They also tell the victim that the password allowed them to access very compromising data (emails, photos, videos, etc.). In other cases, they simulate sending an email from the victim’s mailbox, making them believe that their account has been hacked. They then offer to settle this “amicably” by means of a payment of a certain sum in encrypted currency in exchange for the destruction of the data they claim to have collected.
This is of course blackmail based on a false threat because the hacker never had access to the victim’s computer. The purpose of this maneuver is to sow doubt by presenting a password that has been compromised on a platform or website where it has been used at some point. So do not give in to doubt but rather ignore the email and report it as spam when possible.However, you will have to abandon this password permanently and change it on all the platforms where it is still used.
In any case, vigilance is still required because it is the first weapon against this kind of practice. At novisoft, our teams remain at your disposal to help you identify the threats you could face and support you in the implementation and integration of best practices that will gradually become part of the reflexes of users.
Here is an example of these emails: