Fake Blackmail Emails using Real Passwords

Fake Blackmail Emails using Real Passwords

There is a new particularly sinister Fake Blackmail Email scam. These sextortion email scams are fooling recipients into paying criminals.

The recipient is panicked into believing that their password has been compromised.


These Sextortion emails work like this:

The senders claims that they have installed malware on the recipients computer and activated the camera on their device. They have then captured video of the recipient visiting porn sites. They then threaten to send the video to all the contacts in the recipients address book if you do not pay the ransom via Bitcoin. To prove that they have access to the recipients account they often include a password. This is usually an old password. However, this is enough to panic recipients in to paying, making the scam very effective.


An example of a typical Sextortion email:


I’m a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I captured it.
Your password from email- adddres@hotmail.com on moment of crack: Password34

Of course you can will change your password, or already made it.
But it doesn’t matter, my rat software update it every time.

Please don’t try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I’ve never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!) I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I’m sure you don’t want it. I definitely would not want to …

I will not do this if you pay me a little amount.
I think $839 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1PL9ewB1y3iC7EyuePHjilkjMty

If you have difficulty with this – Ask Google “how to make a payment on a bitcoin wallet”. It’s easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen – all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won’t help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.

Don’t panic. The scammers do not really have the compromising video or access to your contact list as they claim. However, the scam emails may appear considerably more credible because they include one of the recipient’s real passwords as “proof” that their claims are true.

The scammers know that if you receive an email that actually includes one of your passwords – even an old one that you no longer use – you may be much more inclined to believe the claims and pay up. The inclusion of the password suggests that the scammer really does have access to your computer and may have really created the video as claimed.



Even if you have not visited any porn sites, the fact that the scammer has apparently accessed your computer or accounts and harvested your password is naturally quite worrying.

So, how are the criminals getting these passwords? The most likely explanation is that they are collecting the passwords and the associated email addresses from old data breaches. Experts have pointed out that the passwords in the emails are very old and no longer being used. This data is sold on the DarkWeb and criminals are using it to carry out the fraud.

It is not unusual to receive a batch of these emails making demands from $50 to $2000.

If you receive one of these emails:

  • Do not reply or respond.
  • Do not pay
  • However, if the email includes a valid password that you currently use, you should change the password immediately.
  • Never use the same password on more than one site.
  • You can check if an account has been compromised in a data breach by entering the associated email address into https://haveibeenpwned.com