This discussion is locked.
You cannot post a reply to this discussion. If you have a question start a new discussion

Cyber Security

Former Community Member
Former Community Member
Hi, Anyone here have experience getting an email from unknown (SPAM folder). I use Yahoomail & received an email from a random person saying that they have hacked my email account & demanding money within 48 hours or else they will lock my device after 48 hours. Is there any way to prevent from the device being locked?
  • My guess is that they are bluffing, have you any reason to believe otherwise?
  • Former Community Member
    0 Former Community Member
    Hi,

    thank you for your reply. The reason why i believe this specific email is because they have correctly mentioned the password that i had used for this particular email account some time back.
  • Some old security hacks have provided rich pickings for these scammers. Just make sure your current details are secure.
  • Former Community Member
    0 Former Community Member
    Hi,

    Yes my current login credentials are secure as far as i know.

    Thank you very much for your replies.
  • Former Community Member
    0 Former Community Member
    Hi Karthikeya,

    I cannot tell if there is reason for concern so take the following with a grain of salt.


    This sounds like a known scam where people are contacted with very personalised emails. The scammers add a real password that they took from public breaches - you can check your email at HaveIBeenPwned.com if any passwords of yours are out there. This adds a strong element of trustworthiness and many people do genuinely panic.


    The most popular scam I know of is actually a threat that they have embarrassing images from the laptop camera; or that the user has been visiting less-than-recommended websites. Then a password that the person recognises makes it really convincing.


    All in all, my guess is they do not know anything that can hurt you and they are just trying to phish you. But only you can tell :)


    hope it helps!

    --v



    Vitor Jesus
    http://www.vitorjesus.com

  • My experience is these are generally people trying to get you to confirm your details, so do not reply. The second stage if you do reply is that you get a further email, which if you do open it may take control of your pc.


    I would suggest that you change your email password and if on Windows change your Microsoft password. Make the password a minimum of 10 characters.


    Check your email address via haveibeenpawnd.com


    Block the sender but beware because the second email usually comes from a different email address you need to keep an eye out.


    Finally back up your pc and make a boot disk.


    Also some scammers are loading Linux and partitioning the disk drive. They then change the boot sequence and take control from the Linux partition. Once they have done this they delete the Windows admin accounts. Hence why you need a backup and boot disk.


    Hope this helps.
  • Former Community Member
    0 Former Community Member
    Hi Karthikeya,


    Yahoo was hacked In 2013/4 and 1 billion account details were compromised. Therefore this is probably how they know those details. So it is more than likely a bluff. I’d change your password and configure two factor authentication/in app authentication using Yahoo email/Yahoo News just to be sure from the email side.


    If you have clicked on a link/attachment from a phishing email then you may have a more serious problem of your computer/device possibly being compromised - they could have deployed a Trojan downloaded to undertake the harvesting of personal details. So I’d run a reputable antivirus application if it’s a computer you are using (whether Windows, Mac or Linux). If you are running Android on a device I’d also run something like Avast app. 



    Dave B

  • Easiest solutions are to change your email passwords and block the typical content.

    Once you have changed your password, and if you have not yet blocked the content, then you may see future emails but with the older password.

    The senders are usually automated from the pawned databases.

    Your email system may also have a spam/phish email you can forward the email to which helps your email provider.

    Just don't reply!! 


    Its probably a regular scam tactic but double check. You can read similar stories and see postings of similar phishing online with some simple keyword searches.

    The usual obvious scam is a font/picture/graphic of the demand letter.


    :) Keep swimming and don't eat the bait!! :)



  • Former Community Member
    0 Former Community Member
    Hi Vitor Jesus ,


    Thank you for your reply.

    I tried checking at haveibeenpwned.com & found that my email address & password were both affected in the public breach.


    In it happened in two different times:


    Anti Public Combo List (unverified)

    Compromised data: Email addresses, Passwords



    LinkedIn

    Compromised data: Email addresses, Passwords


  • Former Community Member
    0 Former Community Member
    Hi David Bird ,


    Thank your for your reply.


    I have already activated the two factor authentication & changed the password as per your recommendation.


    I will also try to run an Antivirus in my laptop.