There is currently a wave of scams online that are currently using old passwords tied with E-mails to blackmail people into surrendering large sums of money in the form of bitcoin, in order to supposedly buy silence and peace of mind.
Episode #9-12 released on November 4, 2018
There are only a few problems with this, and today, I will focus on each of the aspects, so before you go out and spend any money on these scams, listen carefully.
The Scenario plays as follows, you get an e-mail. It may have a valid password, although invalid passwords, or old passwords have occurred. The e-mail starts by stating they have infected an adult content, or other, web-site and have been monitoring you, and have recorded video of you doing things you would rather not have others see. They go further by stating that you have to pay a fairly substantial amount in bitcoins within a set amount of days or a number of your friends or family will be sent the videos. They include the bitcoin address, and how to obtain bitcoins online.
I am definitely down playing the e-mail, because of a few issues with it. Whenever a company has a password breach, you are obliged to change your password. It is good practice to have different passwords for every web-site. Chances are the password shown is no good. The second issue is your email address. They probably got it from the same database of information they got your old password. At this point, it is safe to say that most of you are probably safe, regardless.
Now, Microsoft pushed hard for everyone to move over to Windows 10. While, I am not a fan of forcing people to upgrade operating system, I definitely see why it would be a good idea. Constant updates, that everyone has to do, makes our computers safer. Browsers, also, update frequently. Antivirus and antimalware software are, also, constantly updating. Many higher end applications, also, push update alerts. This is on top of sandboxing techniques that prevent code execution outside the applications, and coded safeguards that prevent web-sites and other applications from opening your camera or using your microphone without permission. Ignoring the fact that many may not even have a webcam or microphone to begin with. And, many bigger web-sites are scanned daily or more often for malware code, too.
What does that mean? The likelihood, that a person, getting an old password with an email, having the necessary skills to infect a web-site in such a way to compromise a browser, and have the operating system just allow the webcam turn on, especially without the light, using unsigned code, especially in newer, updated, operating systems is virtually zero. And, many of those who don't have up to date operating systems, probably don't have a working webcam or microphone anyway. But, you don't have to take my word for it. Every good browser has a site settings option where you can check if a web-site has access to your webcam, microphone, or other devices and information. Frankly, a web-site has to ask permission to access your webcam, microphone, location, and other USB devices.
Don't be the victim of these scams, delete the email, and just make sure your current passwords do not match the one shown. Also, make sure every web service and device have a unique password. If you have many passwords to keep track of, use a service like LastPass, and turn on two factor authentications for every site possible, including LastPass. A benefit of LastPass is the ability to automatically update passwords with a new stronger password. Also, make sure your software is always up to date.
Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net