Monday, February 25, 2019

Need help thwarting an online blackmailing attempt.

Hi Guys,

So, an elderly member of my family just received an email blackmailing him to send $800. The content of the email was this:

  1. In the first line of the email, the blackmailer mentioned a password, which was one time used by my acquaintance, but now is defunct. This was what made the email stand out from other spam messages.
  2. Then they mention that my acquaintance had visited a pornographic website, "xxx videos" and that blackmailer had made a "video" of the event and has access contacts in FB, Messenger and "e-mailaccount".
  3. Then they threaten to send the video (of the video he was watching and also him watching the video) to all the contacts unless he pays to a bitcoin account.
  4. They mention not to contact the authorities as they have covered their steps and won't be traceable.

My acquaintance uses an old windows 7 laptop and has a decent free antivirus protection. And what takes the cherry is that he has put sticker on the webcam of the laptop. He read an article in the newspaper advising him to do so. LOL. But might have "inadvertently" clicked on a pop-up/email for a porn re-direct, which he claims he closed. This happened sometime in the past.

From the stand point of his laptop, what can we check for? Ran the antivirus which did not reveal anything alarming. Based on his best guess, he might have used this password on IRCTC website. Which might explain how the blackmailer got his registered email and password. Maybe the IRCTC accounts have been hacked, but this is just a guess at this stage.

More than anything, my acquaintance is livid that he has been targeted for a blackmail like this and is considering going to the police. He's not concerned about the "video" per se. Going by the email address, the weblink for the bitcoin ransom, would the police be able to trace the blackmailer?

Please let me know your thoughts on this and maybe also have a chat with oldies/less tech savvy members of your family about general internet security. I've just done mine. :)

Cheers


No comments:

Post a Comment