Email scam uses data from breached websites to craft authentic-looking email – How to check if your data was exposed

A new email scam has been spreading quickly in several variants. The message claims to have hacked the recipient’s email account and, as “proof”, includes a password the recipient has actually used. One variant goes further, claiming to have recorded the recipient through their webcam while visiting pornographic websites, and demands a “ransom” in Bitcoin to stop the footage being sent to all of the recipient’s contacts. An example email is shown below.

If you receive such an email you may wonder how the scammer broke into your account and learned your password. The answer: they didn’t hack your account.

Here’s where the information comes from. Data breaches at companies such as LinkedIn, Yahoo and countless others have exposed the email addresses and passwords of millions of users, and those breach dumps circulate widely. Scammers take an address-and-password pair from a breach, spoof the From: header so the message appears to come from the recipient’s own address (which is what makes it look like the account was hacked), and quote the password that was exposed by the breached website. With the added threat of embarrassing material, the “sextortion” scammer demands Bitcoin to prevent the information being sent to everyone in the recipient’s contact list. They have no such footage and no access to the contact list; the only thing they really have is the leaked password.
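The spoofing described above leaves traces in the message headers that the receiving mail server adds: the From: address equals the recipient’s own address, while SPF fails and there is no DKIM signature because the sender never controlled the claimed domain. The following Python example (added here; it is not code from the original post) parses a constructed sextortion message with the standard library, pulls out those indicators, and flags any Bitcoin address in the body. The sample messages, addresses and the Bitcoin address are all made up for the example.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample of a sextortion message (not a real capture). The
# From: header is spoofed to the recipient's own address; the receiving
# server's Authentication-Results header records SPF fail and no DKIM.
SAMPLE_SCAM_EMAIL = """\
Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-relay.example.net; dkim=none
From: Alice Example <alice@example.com>
To: alice@example.com
Subject: alice@example.com - hunter2
Content-Type: text/plain; charset="utf-8"

I know hunter2 is your password. Pay 0.5 BTC to 1ScamAddrConstructedForThisDemoXYZ
within 24 hours or the video goes to all your contacts.
"""

# Constructed legitimate message for contrast: sender and recipient differ,
# SPF and DKIM pass, envelope sender matches the From: domain.
SAMPLE_LEGIT_EMAIL = """\
Return-Path: <bob@example.org>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.org; dkim=pass header.d=example.org
From: Bob <bob@example.org>
To: alice@example.com
Subject: Lunch tomorrow?
Content-Type: text/plain; charset="utf-8"

Are you free at noon?
"""

# Legacy (1..., 3...) and bech32 (bc1...) Bitcoin address shapes.
BITCOIN_ADDRESS_RE = re.compile(r"\b(?:bc1[a-z0-9]{25,39}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")


def _auth_result(header: str, method: str) -> str:
    """Return the result recorded for one method (spf, dkim) in an
    Authentication-Results header, or 'none' if it is not mentioned."""
    m = re.search(rf"\b{method}=([a-z]+)", header, re.IGNORECASE)
    return m.group(1).lower() if m else "none"


def analyze_message(raw: str) -> dict:
    """Extract the spoofing indicators typical of the sextortion scam."""
    msg = email.message_from_string(raw, policy=policy.default)
    _, from_addr = parseaddr(str(msg.get("From", "")))
    _, to_addr = parseaddr(str(msg.get("To", "")))
    _, return_path = parseaddr(str(msg.get("Return-Path", "")))
    auth = str(msg.get("Authentication-Results", ""))
    spf = _auth_result(auth, "spf")
    dkim = _auth_result(auth, "dkim")

    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content() if body_part is not None else ""
    bitcoin_addresses = BITCOIN_ADDRESS_RE.findall(body)

    from_domain = from_addr.rpartition("@")[2].lower()
    return_path_domain = return_path.rpartition("@")[2].lower()

    indicators = []
    if from_addr and from_addr.lower() == to_addr.lower():
        indicators.append("from_is_recipient")          # "sent from your own account"
    if spf != "pass":
        indicators.append(f"spf_{spf}")                 # sender not authorised for the domain
    if dkim != "pass":
        indicators.append(f"dkim_{dkim}")               # no valid signature from the domain
    if return_path_domain and return_path_domain != from_domain:
        indicators.append("return_path_domain_mismatch")  # bounce address from elsewhere
    if bitcoin_addresses:
        indicators.append("bitcoin_address_in_body")

    return {
        "from_addr": from_addr,
        "to_addr": to_addr,
        "spf": spf,
        "dkim": dkim,
        "bitcoin_addresses": bitcoin_addresses,
        "indicators": indicators,
        # Three or more independent indicators together is a strong signal.
        "likely_spoof": len(indicators) >= 3,
    }


if __name__ == "__main__":
    for name, raw in (("scam", SAMPLE_SCAM_EMAIL), ("legit", SAMPLE_LEGIT_EMAIL)):
        print(name, analyze_message(raw))
```

Most webmail clients expose these headers under “show original” or “view source”; an spf=fail or dkim=none result on a message that claims to come from your own address is the tell that the From: line was forged rather than your account used.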

In summary: do not pay, ignore and delete the email, and change the password on every website where you still use the password quoted in the message. You shouldn’t be reusing the same password on multiple sites anyway.

To find out whether your email address(es) have been exposed in a data breach, you can safely enter your email address at the following website: