Drive By Exploit Email Scam – ‘I recorded you’
(Last Updated On: January 7, 2020)

Email scams have always had something of a laughable reputation in the IT industry.

It’s amusing, if a little irritating, when you receive an email from an individual claiming to be the President of some obscure country who desperately needs your help. It is even more amusing when you find the President of said country wants to transfer $100 million to you ASAP. The problem? The funds can’t be released without your bank details.

However, an email has recently been circulating that has a more ominous tone. It is much more sinister and represents a step up not only in the information the scammers have access to but also in the depths to which they’ll sink to rip off the innocent.

What This Scam Looks Like

‘I recorded you – XXXXX’

or

‘I know everything – XXXX’

or

‘All your privacy – XXXX’

Where XXXX is the password you use (or have used) to access a website or online service. The email then goes on to make some pretty bold claims:

‘My malware gave me full access and control over your computer, meaning, I got access to all your accounts (see password above) and I can see everything on your screen, turn on your camera or microphone and you won’t even notice about it.

I collected all your private data and I RECORDED YOU (through your webcam) SATISFYING YOURSELF!

After that, I removed my malware to not leave any traces.’

After this frankly ridiculous spiel we reach the real reason the email was sent: to get your money. The sender claims that, in order to prevent this embarrassing information from being distributed online, you need to make a payment of $900 worth of bitcoin to the supplied bitcoin address.

In short, the email is nothing more than online blackmail. It is aimed at exploiting a fear of social embarrassment. It also plays into a fear of the ‘digital unknown’: that somehow, someone hacked into your computer and could possibly do so again at any time. These two fears are especially prevalent in the connected age in which we live.

We’ve been asked a lot about this email and it has people worried. If you’re one of them – don’t panic. Here’s exactly what you need to know about this cruel scam and what you should do about it.

Should I Pay Them?

No. You should never pay any scammer.

Also, consider this: the email you have received has undoubtedly gone out to hundreds of thousands, if not millions, of people. Bitcoin transactions are also completely anonymous.

This means our ‘hacker’ has no way of telling who has or hasn’t paid. And even if they could tell, it would represent a huge administrative undertaking to manage this. So, even if you paid their demand, could you guarantee they would acknowledge this and not carry out their (admittedly false) threat?

Secondly, if the ‘hacker’ really did have access to the information they claim to have, surely they would have attached an embarrassing picture and a link to your Facebook profile. Heck, they could even have used your name in the email! Nope, they literally have no info on you other than a password and an email address.

What Should I Do With The Email?

If you recognize the subject, don’t open the email; simply click delete. If you do open it and your email program asks whether to load the remote content, always ignore or deny this request. Your best action is inaction. Never engage with a scammer.
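If you filter mail for other people, the traits described so far (the subject template, the bitcoin demand, the surveillance claims, the remote content) can be checked automatically. The following Python is an added example, not part of the original article; the function name `analyse`, the scoring thresholds and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# Subject templates quoted on this page; the text after the dash is the leaked password.
SUBJECT_RE = re.compile(
    r"^\s*(I recorded you|I know everything|All your privacy)\s*[-\u2013\u2014]\s*\S",
    re.IGNORECASE)
# Heuristic shape of a Bitcoin address (legacy Base58 or bech32); no checksum check.
BTC_RE = re.compile(r"\b(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[ac-hj-np-z02-9]{11,71})\b")
# Claims made in the body excerpts quoted above.
CLAIM_RE = re.compile(r"malware|webcam|camera|microphone", re.IGNORECASE)
# Remote image in an HTML part: what triggers the "load remote content" prompt.
REMOTE_RE = re.compile(r"<img[^>]+src\s*=\s*[\"']?https?://", re.IGNORECASE)


def analyse(raw: str) -> dict:
    """Score one RFC 5322 message against the traits of this scam."""
    msg = message_from_string(raw)
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    body = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            body += data.decode(part.get_content_charset() or "utf-8", "replace")
    m = SUBJECT_RE.match(subject)
    signals = {
        "subject_template": bool(m),
        "bitcoin_address": bool(BTC_RE.search(body)),
        "surveillance_claims": len({c.lower() for c in CLAIM_RE.findall(body)}) >= 2,
        "remote_content": bool(REMOTE_RE.search(body)),
    }
    score = sum(signals.values())
    # Assumed policy: the subject template plus one other trait, or any three traits.
    quarantine = (signals["subject_template"] and score >= 2) or score >= 3
    return {
        "signals": signals,
        "score": score,
        # Never log the subject tail: it is a real, possibly still used, password.
        "subject_redacted": f"{m.group(1)} - [REDACTED]" if m else subject,
        "verdict": "quarantine" if quarantine else "deliver",
    }


# Constructed sample (not a real capture); password and address are made up.
SAMPLE = (
    "From: someone@example.invalid\nSubject: I recorded you - hunter2\n"
    "Content-Type: text/html; charset=utf-8\n\n"
    "<p>My malware gave me full access. I can turn on your camera or microphone.</p>"
    "<p>Pay $900 in bitcoin to 1FakeAddressForDemoPurposesXXXXXX</p>"
    "<img src='http://tracker.example.invalid/p.gif'>")
```

Calling `analyse(SAMPLE)` returns a `quarantine` verdict with all four signals set, and the password from the subject line never appears in the result.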

What Can I Do To Remove The Malware/Virus?

There is no malware or virus. Your computer/phone/tablet certainly isn’t infected as a result of receiving this email. This kind of ‘hack’ is called social engineering and it’s nothing more than a 21st-century version of an old-school con.

It plays on fear and is trying to trick you into handing over money by deception. It’s something the advertising industry is very savvy to and they use it to get us to buy all of the time.

This is analogous to the dodgy windows salesman who offers you exceptional discounts of thousands of pounds on your quote after calling his boss to get you the ‘best’ deal. The only catch? You need to sign on the dotted line now because only 2 more people can claim this offer! Plus, they’ve already sold 5 in the last two days, so this amazing deal won’t be around long.

The fear of loss is a big motivator and often bypasses our logical thinking. This means we can be fooled into buying or signing up to contracts that we usually wouldn’t, had the fear tactic not been used to pressure us.

How Did They Get My Password?

The one thing we can tell you is the sender of this email is no master hacker. If they had the technical expertise they claim to have you’d probably find the money was already missing from your account.

This means they didn’t hack into your device and steal your details. Nor were they cleverly snooping your WiFi connection and harvesting your information – or any other hi-tech and complicated technique such a scam typically claims to have used.

No, this expert ‘hacker’ more than likely purchased your details from the dark web. Data breaches are becoming more and more common and so is the sale of information from such breaches online. With this in mind, it is more than likely a login you use to access a site on the web has been compromised and simply listed for sale. This does not mean your device has been compromised, but rather the website you access has been hacked.

The scammers behind this charade have done nothing more complicated than purchase this data and try their luck by mass-sending emails across the globe.

Is My Computer/Tablet/Phone Safe?

This is a difficult question to answer since you are ultimately responsible for how secure your device is. But, the chances are your device is free from malware (at least the malware purported in this scam) and for the most part is reasonably secure.

Surprisingly, we introduce much of the malware on our devices and it isn’t cleverly installed by expert hackers. This is particularly a problem in the ‘app’ age. Software is now an ‘on-demand’ commodity that is very cheap or free.

The end result of this is we now download software without really considering what it is or how it could affect or access our device. We also give these apps permission to access files and data without thinking about the consequences. As a result, many of the malware problems our tech suffers from are self-induced.

We would always recommend removing apps you don’t need and never installing those you are even remotely unsure about. You can even buy simple physical privacy guards that cover your camera to prevent recording should a malicious app find its way onto your system.

What Should I Do After Deleting The Email?

If you still use or recognise the password in question, change it immediately on every site it has been used on. We also recommend you use a different password for each website you use. This reduces the risk of multiple accounts being compromised if one of the websites you use is hacked.

Some Websites Are Offering Software To Fix This, Should I Download It?

If you Google for this problem, as the scam email helpfully suggests, you’ll probably notice a slew of sites offering software to miraculously remove the malware for you.

Ignore these sites! Remember, in this particular scam your device was not infected, so why would you need to install any software to remove a non-existent problem? We suspect this is a clever follow-up that scammers are taking advantage of to trick you into installing malware. It is another example of social engineering at its disgustingly finest.

Should I Report This Email So The Scammer Can Be Arrested?

It’s a sad state of affairs that the only advice we can give you is that it probably isn’t worth reporting beyond flagging it as spam. The whois information on the domain names used reveals little. We suspect the domains have been hijacked and/or the emails are being sent from a hacked mail server.

How Can I Keep Safe Online?

For the most part, a little common sense will keep you safe online. Here are some simple tips you can use:

  • Never give your details out to a website you don’t trust (especially financial details).
  • Set up a second email address to give out to websites you are unsure about but that don’t require any personal information to join.
  • Keep your software updated and ensure that you receive all security updates for the applications you use.
  • Never open attachments that come attached to suspicious emails.
  • Remove unused apps and programs and always take time to check out any apps you download. Be wary of apps that ask for permissions and access to your device that they might not need.
  • Always use a different password for every site you access. Make sure the passwords you use are strong passwords and include a mixture of upper and lower case letters, numbers or symbols.

For the real security conscious amongst you, we recommend:

  • Browsing online using a VPN, especially when using public WiFi.
  • Buying a camera privacy guard to ensure your webcam can only see and record when YOU want it to.