This morning many people were waking up to emails they received warning them to pay up or else. What makes these emails believable is that the subject is the users name and their email password!
The email goes something like this:
If you received this email here are a few things you should do:
- Do not respond to this email
- Change your password if it is correct (It is likely that the sender got this password from a leak on the dark web)
- Monitor the dark web for any password leaks
- Check your computer for RDP and Firewall for what ports are open to the outside world
- Make sure you are running an Advanced Anti-Virus that can block zero-day threats as well as key loggers and other malicious software.
Unfortunately this tactic is not new, you can find similar emails on multiple websites and blogs. Hackers are getting smarter and using real data (like passwords) to convince you.
If you have any security concerns or got an email similar to this one and have questions don't hesitate to give us a call at 336.310.0277
UPDATE: Krebs on Security has posted about this Scam named Sextortion: https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/