This article has been prompted by a recent spate of emails received by our clients. They’re also being received by customers of other ISPs. The emails include the recipient’s email address and a password, along with common claims such as:
- Your mailbox was hacked over 6 months ago
- The hacker has installed a rat (remote access trojan) on your computer
- The hacker has been spying on you and has some dirt on you
- If you don’t pay a ransom, he’ll tell all of your contacts/facebook friends/etc
If you have received such an email, your data was probably compromised in a data breach. To confirm this, visit https://haveibeenpwned.com (Opens in a new window) and enter your email address. While you’re there, sign up for the notification service which will let you know about future breaches as they come to light.
In most of the cases that we have seen so far, the password included in the blackmail attempt is actually NOT correct for the email address in question. We encourage you to check this first. If you’re not sure of your email password, visit our Webmail service (https://mail.virtual.net.au/surgeweb – opens in a new window) and try to log in with the details from the black mail email. If they work, please head straight to the Options Menu, select Preferences, then click on Change Password. Please pick a NEW password, not one that has been used anywhere before.
Aside from your email access though, it’s highly likely that the email address and password provided by the blackmailer have been used on at least one web site. You should go there and change your password also, as the details are known to what is likely to be multiple bad guys.
If you are in the habit of re-using passwords, the combination may have been used on more than one site. You should change the details on EVERY site where they have been used. Please use a different password for each site that you visit, and use a password manager to keep a record of them if you need to.
Virtual Computers provides remote support to assist our clients. If you’re concerned about your computer’s security, we can conduct a sweep for malware. If you need help with passwords, and you’d like to get a password manager, we can help by installing and demonstrating one for you. Fees do apply for this service. To find out more, please email email@example.com or call us on 1300 132351