“You Have Been Hacked!” Don’t Fall for This Common Scam Email – 11/22/2024
Have you ever received a terrifying email claiming someone has hacked your computer, watched you through your webcam, and gathered your personal files? If so, you’re not alone. These types of scam emails are becoming more common and are designed to frighten you into paying up. Let’s take a closer look at how this scam works and why you shouldn’t worry.
“Your computer has been hacked!” – what the email says
The first thing you need to know is that this email is designed to scare you. It will often claim that your computer has been hacked, and that someone has gained access to all your files, messages, and even emails. To make things even more chilling, it might say that they’ve been watching you through your webcam.
This message is all about creating panic. The scammers want you to feel vulnerable and out of control, which makes you more likely to meet their demands. But before you react, remember that this is all just a tactic, a very common trick to prey on fear.
The cryptocurrency demand
These scam emails often end with a demand for cryptocurrency, such as Bitcoin, in exchange for not releasing your so-called “private” information. They’ll give you a short deadline to pay up, making it sound urgent and dire. They know that if they can pressure you into acting quickly, you might not have time to think logically or seek advice.
The scary part: mentioning your real password
One thing that makes these emails particularly unsettling is that they sometimes mention a password you recognize, perhaps even a password you still use! This can make the threat seem very real, but here’s what’s really going on.
Your email address and passwords may have been part of a public data leak at some point. Large-scale data breaches have affected platforms such as LinkedIn, Facebook, and many others. When these breaches happen, hackers often get hold of millions of usernames and passwords. They then use this information to craft convincing emails to make their scam look legitimate.
It’s a good reminder of why using a unique password for every account is so important. Using a password manager can help with that, and adding two-factor authentication (2FA) adds another layer of security.
The good news: it’s just a scam
The good news is that this email is just a scam. No one has access to your computer, files, or webcam. These scammers are relying on scare tactics to pressure you into paying. The best thing you can do is not respond and delete the email.
The scammer has no control over your computer. They just hope you’ll be frightened enough to believe them and send money. By ignoring them, you take away all their power.
We’re here to help
We understand how stressful it can be to receive an email like this, especially when it mentions something as personal as your password. If you ever feel unsure or need help figuring out what’s real and what’s not, feel free to reach out to us. The only real concern here is that your password may have been leaked, and anything using that password should be changed.
We can help you set up a password manager and two-factor authentication to keep your accounts safe. Don’t be afraid to give us a call; we’re here to help you feel safer and more confident with your computer.
How SIM Swaps Bypass Your Online Security, 5/2/2024
Have you ever been in the middle of an important phone call or task on your phone when you suddenly see those dreaded words, “SOS only” or “No Signal”?
Most of the time, it’s simply due to poor signal strength in your area or a temporary glitch with your carrier’s network. But what if losing your phone connection wasn’t so innocent?
What if an unknown hacker actively removes you from your mobile number to take it over for their own malicious purposes? This is the frightening reality of a cybercrime called “SIM swapping,” and it’s a growing threat that has affected many unwitting victims.
How Hackers Carry Out SIM Swapping
Hackers gather personal information, such as your name, date of birth, and address, through data breaches or social engineering. They then contact your mobile carrier with enough information about you to answer the verification questions. They impersonate you and claim to have lost your SIM card.
Mobile network carriers that don’t sufficiently verify customers often make it possible for a hacker to convince an employee to port your phone number to a new SIM card under their control.
This is done without triggering notifications to your devices or email addresses. Within minutes, you could find yourself disconnected from your mobile number while the hacker now receives all calls and texts intended for you. The whole process can be carried out remotely.
The Risks of Losing Access to Two-Factor Authentication
Once hackers control your phone number, they can bypass the two-factor authentication that protects many of your online accounts. Most major services send one-time verification codes via text when you attempt to log in from a new device. With your SIM swapped, these codes get diverted to the hacker.
This can then allow the hacker access to your emails, finances, cryptocurrency, and any other service that uses SMS-based two-factor authentication.
To make matters worse, restoring access to your accounts becomes a nightmare without your phone number.
Preventing SIM Swapping Attacks
Unfortunately, SIM swapping is not a new issue and may become even more prevalent as hackers develop more advanced techniques, such as deepfaking. However, there are some precautions you can take:
Do not share personal details unnecessarily online or over the phone. Be wary of attempts at social engineering.
Limit what information you make publicly available on social media profiles or in public records.
Use authentication apps such as Google Authenticator or Authy instead of SMS-based codes wherever possible.
Contact your mobile carrier and ask them to put a PIN or passcode on your account as an extra security step before any changes can be made.
By taking these steps, you can help protect yourself from having your phone number and online accounts compromised by SIM swapping.
Staying vigilant about cybersecurity is important for everyone in the digital age.
LetMeIn101: How the Bad Guys Get Your Passwords – Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.
Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.
Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.
Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.
Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.
If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.
Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it unique to you.
The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.
Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.
Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.
Tip: Be cautious about your online activity on computers or networks you don’t trust.
Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.
Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.
These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?
Check out these additional helpful articles: How Do Hackers Get Passwords? – Click Here
Avoiding and Reporting Scams – Click Here
10 Signs of a Phishing Email | How to Identify Phishing Attacks – Click Here
Contact our experts today! Call us at (651) 456-8655 or visit our Contact page.
Stay Safe Shopping Online This Holiday Season (11/29/21) – Retail research tells us that over 75% of people are shopping online each month, and, with the holiday season upon us, you’re likely to be one of them. But don’t let the appeal of convenience distract you from the need to stay safe when shopping online.
The number of digital buyers is steadily climbing. In 2020, according to Statista, more than two billion people purchased goods or services online. During the same year, e-retail sales surpassed $4.2 trillion U.S. dollars worldwide.
Retailers are embracing the change in consumer behavior. But, do you know who else is taking advantage? Cybercrooks. Before you buy, consider these strategies to stay safe.
#1 Question that great deal
If a deal looks “too good to be true,” it probably is. You’re not going to get a new Apple laptop for $29.99, or the latest Beats headphones or Xbox gaming console for under $20. Anyone offering you that price is trying to lure you to their site to enter your payment details, so don’t be surprised when your product never arrives!
#2 Review safe seller feedback
While scrolling social media you see adverts for perfect gifts for someone on your list. And it’s so easy to click the link and buy! Still, before purchasing, take the time to research the seller.
Read the feedback from other buyers on independent sources. It adds only a few moments to check sites such as Trustpilot and Google My Business.
#3 Research the business domain
Think about it: who are you more likely to trust with your sensitive data? Someone who has been in business 10 years or someone who set up shop 10 days ago? Quickly check how long a business website has been around. Enter the URL into the Internet Corporation for Assigned Names and Numbers’ lookup tool [https://lookup.icann.org].
#4 Watch out for email scams
Before clicking on any offer links in emails, check the URL. You can hover over the link before actually redirecting there and check the target. Double-check that the address is to the site you’re expecting.
Also, slow down and be sure that the address doesn’t have any typos or atypical endings. You don’t want to confuse www.nike.com with www.n1ke.co and end up a victim of identity theft instead of the proud owner of the latest Air Max.
#5 Check safe payment site security
There are several ways to verify the security of a payment site. These include:
verifying that the site uses an SSL certificate – it will start with “https” instead of “http”;
checking for a physical address and phone number – call the contact number to confirm it is not fake;
reviewing the Terms and Conditions and Return and Privacy policies – any reputable brand has these!
#6 Pay with Online Payments
When you do decide to buy, prefer to pay using PayPal or another online payment tool. You won’t be giving the seller your credit card details. If you can’t take this approach, use a credit card from a credit account rather than debit. You will have more protection this way. You can start a chargeback through your credit card company when the item isn’t as advertised and the seller’s customer service doesn’t help.
Before online shopping, at any time of the year, update your operating system, and keep your anti-virus software current, too.
Inver Grove Heights Residents – Don’t Fall Victim to Webcam Blackmail. Many users have reported recent scam messages from individuals claiming to have intercepted their username and password. These messages often state they have been watching your screen activity and webcam while you have been unaware.
Typically, attackers threaten to broadcast footage to your contacts, colleagues, or social media channels. Demanding payment in Bitcoin, malicious hackers blackmail their victims to keep confidential information private.
Where Have the Attacks Come From?
In many cases where hackers have claimed to have a victims’ password, this has turned out to be true.
In the last few years alone, many large websites have suffered enormous hacks which have released confidential details on many of their users. LinkedIn, Yahoo, and MySpace all suffered massive and devastating hacks. Some users of these services are still feeling the consequences today.
The details leaked from these sites, and others facing the same issues, are sold online for years after the initial breach. Hackers buy username and password combinations in the hopes of reusing them to access services, steal money, or blackmail their owners.
How to Respond
If you have been contacted by one of these hackers, it is a scary reality that they could have access to your credentials, data, and online services.
The only thing you can do in response to this type of email is to ignore it. This “we recorded you” email is a scam made much more believable because they probably do have one of your real passwords gained from a site hack.
That said, accounts that share the same password should be changed immediately. Security on additional services you use should be updated too.
Self Defense On the Web
When using online services, a unique password for every site is your number one defense. A good password manager makes this practical and straightforward too.
Using a different password for each site you use means that hackers can only gain access to one site at a time. A hack in one place should never compromise your other accounts by revealing the single password you use everywhere.
Often, people think that maintaining many passwords is hard work or even impossible to do. In truth, it’s almost always easier to keep tabs with a password manager than it is to use the system you have in place today.
A high quality and secure password manager such as LastPass, or 1Password, can keep track of all your logins efficiently and securely. They often offer the chance to improve your security by generating random and strong passwords that hackers will have a tougher time cracking.
Password management services offer a host of features that help you log in, remind you to refresh your security, and make your safety a number one priority. After using a manager for just a short time, you can be forgiven for wondering how you managed without it.
If you think you might have been hacked already, or want to prevent it from ever happening, give us a call today at (651) 456-8655 to update your security. You may also visit our contact page HERE.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.AcceptNoPrivacy policy
Recent Comments