HomeHome : Monthly Tips : Apr 2019

Don't Pay the Ransom

April 2019 — Tip of the Month

Over the past few months, I have received a slew of emails stating, "Your account has been hacked!" Most of these were clearly bogus emails with no personally identifying information. Then I received a few similar emails that included an old password I used for some online accounts. That got my attention.

I'm pretty serious about security, using Ethernet instead of Wi-Fi at home and making sure I always use secure email with my laptop and smartphone. So it's unlikely a hacker obtained my login information from one of my personal devices. However, like millions of other people, some of my personal information was exposed in a data breach a few months ago. I confirmed at least one of these breaches included an old password.

Now at least once a week I receive an email saying something like:

"As you may have noticed, I sent you an email from your account. This means that I have full access to your account. I've been watching you for a few months now..."

The text above is followed by more threatening language, such as the hacker has been using my webcam and tracking the sites I visit on my computer. These are all false claims. The email ends by stating that, in order to prevent more leakage of my information, I need to pay a certain amount via Bitcoin to the hacker's BTC Wallet.

If you ever receive a message like this, do not pay the ransom. Why? Because:

  1. Most, if not all, claims made in the email are false.
  2. There is no guarantee anything will happen if you make a payment.
  3. You make yourself a more probable target for future hacking attempts and extortion.
  4. You are supporting hackers and encouraging them to continue their malicious activity.

These emails might look legitimate and they might be even appear to be sent from your own email address. But don't worry — these fake emails can be sent by even novice hackers using a technique called email spoofing. Don't get duped by scammers. The best way to handle these types of emails is to simply click Delete.

- Per Christensson