A number of my customers have reported recent scam messages from individuals claiming to have intercepted their username and password. These messages often state they have been watching your screen activity and webcam while you have been unaware.
Typically, attackers threaten to broadcast footage and your web browsing details to your contacts, colleagues, or social media channels. Demanding payment in Bitcoin payments, malicious hackers blackmail their victims to keep confidential information private.
Where Have the Attacks Come From?
In many cases where hackers have claimed to have a victims’ password, this has turned out to be true, but usually its not because you have been hacked – but rather that a company you have had dealings with has.
In the last few years alone, many large websites have suffered enormous hacks which have released confidential details on many of their users. LinkedIn, Yahoo, Myspace and TalkTalk all suffered massive and devastating hacks. Some users of these services are still feeling the consequences today.
The details leaked from these sites, and others facing the same issues, are sold online for years after the initial breach. Hackers buy username and password combinations in the hopes of reusing them to access services, steal money, or blackmail their owners.
How to Respond if You get One of these Emails
If you have been contacted by one of these hackers, it is a scary reality that they could have access to your credentials, data, and online services. That said, accounts that share the same password should be changed immediately. Security on additional services you use should be updated too.
The only thing you can do in response to this type of email is to ignore it. This “we recorded you” email is a scam made much more believable because they probably do have one of your real passwords gained from a site hack, but that does not mean that they have access to your computer or Webcam.
Self Defence On the Web
When using online services, a unique password for every site is your number one defence. A good password manager program makes this practical and straightforward too.
Using a different password for each site you use means that hackers can only gain access to one site at a time. A hack in one place should never compromise your other accounts by revealing the single password you use everywhere – unfortunately we still do come across customers that only use one password for everything.
Often, people think that maintaining many passwords is hard work or even impossible to do. In truth, it’s almost always easier to keep tabs with a password manager than it is to use the system you have in place today.
A high quality and secure password manager such as LastPass, or 1Password, can keep track of all your logins efficiently and securely. They often offer the chance to improve your security by generating random and strong passwords that hackers will have a tougher time cracking.
Commentaires