“Your password” e-mail scam

My wife received this e-mail.

~~~~~~~~~~
I do know, xxx, is your password. You don’t know me and you’re probably thinking why you’re getting this e mail, right? In fact, I actually setup a malware on the adult vids (porn material) web site and guess what, you visited this website to experience fun (you know what I mean). While
you were watching videos, your browser started out operating as a RDP (Remote Desktop) that has a key logger which provided me accessibility to your display screen and web camera. Immediately after that, my software obtained your complete contacts from your Messenger, FB, and email. What exactly did I do?

I created a double-screen video. 1st part displays the video you were watching (you’ve got a
good taste ; )), and 2nd part displays the recording of your web camera. What should you do?Well, I believe, $2900 is a reasonable price tag for our little secret. You will make the payment by Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

BTC Address: xxxXXXxxxxxXXXXxxxxXXXXxxxxXXXXXxxxxxXXXx

(It is cAsE sensitive, so copy and paste it)

Important:You now have one day in order to make the payment. (I have a special pixel in this e mail, and now I know that you have read this email message). If I do not receive the BitCoins, I will send your video recording to all of your contacts including members of your family, co-workers, and many others. Nonetheless, if I do get paid, I’ll destroy the video immidiately. If you really want evidence,
reply with “Yes!” and I definitely will send out your video recording to your 9 contacts. It is a non-negotiable offer, therefore please do not waste my personal time and yours by replying to this email message.
~~~~~~~~

Just so we’re clear the password is a password that she has used. After some research it seems that a lot of people have received this e-mail.

If you receive a similar e-mail, don’t be fooled. The password is from a data breach. There is no video, even if you visited a porn site. DO NOT SEND BITCOIN. If you are still using this password please change it. They have your e-mail address and password. They can get into sites that use this password. So start changing them now. But again there is no video and they do not have control of your computer. DO NOT SEND THEM ANY MONEY.

Network Security

In today’s world of Internet connections, network security involves more than just having secure passwords. See my article at https://gigasystems.com/createasecurepassword/ for help choosing a secure password.

Secure passwords are very important but they cannot protect you from every thing. A good password will not stop someone who can just bypass passwords all together. So let’s go over a few ideas to help stop the bad guys.

First and probably the easiest thing to do is keep everything up to date. Updates are written to fix known security holes and other problems. And it doesn’t matter what system you are using, Windows, Mac, Linux, or on-line programs like blogs and photo galleries. Also, let’s not forget your phone system. Even if it’s not connected to the Internet, it is accessible to the outside world through the phone lines.

Let’s start with the forgotten phone system. Modern phone systems have services that connect to the computer network and in many cases, the Internet. For these systems, there are usually updates available. It’s very important to keep up with these updates. The last thing you want is someone adding extensions to give out stolen credit card numbers or changing the password and locking you out of your own system. Older systems that do not connect to the Internet are still vulnerable. Most systems allow access to system features from any touch tone phone. Services like checking voice mail, making outbound calls, or making system changes. When I hear the prerecorded prompts, I can usually tell what brand of system it is (or I can just walk into your building and look at a phone to see what brand it is) and from there getting default passwords is pretty simple (you’ll want to make sure you change those). If I can tell what you have so can the bad guys.

On to the computers. So, you have all of your updates installed and you’re using strong passwords. You’re done right? Wrong. Most systems have a set of services installed by default. These are services that get used quite often. But if they are not used, they should be turned off. Next ,you should have a good firewall to filter who is allowed to connect to your network. That network service that didn’t get turned off could be giving out information usable to the bad guys, or provide a way into your network. Especially if it is not firewalled properly.

What about printers, routers, and other network devices? Some of these could have some big security holes that need to be addressed. If you have any concerns you should have Giga Systems come test your system to see how secure it is. These are just the basics, but doing a little due diligence now could save you from a lot of trouble down the road.