In this month’s Ask CyberGuru, we are asked: “I received an email advising that my email account has been hacked and a RAT installed on my computer. Further, it says I have been filmed using my webcam and personal information has been downloaded and will be shared on my social networks if I don’t pay the ransom in crypto-currency. Is this true?”.
There has been a series of emails doing the rounds recently advising that “RAT” (remote access technology) software has been installed onto your computer, threats of a personal nature are made and advised that this software will be made available to your social media if you don’t pay via crypto currency. Along with this, in some cases, the information include may include a password that you may have used.
This type of scam is the current flavour of the month and we have heard of several forms of this scam. One of the reasons these emails have particularly spooked clients is that the emails often contain threats of character assassination such as releasing “video” of the recipient watching adult content to their friends and family on social media, irrespective of whether they have done so or not.
Whilst this email seems threatening and intimidating, generally this email is an attempt to blackmail the recipient into paying money to the scammer. Oftentimes, the password may have been made public through a previously compromised website, and these passwords are often what makes this email more concerning.
If you suspect you may have been compromised in any way, protect yourself by:
- Changing all passwords on accounts with the password if displayed or not. Please check the “Have I been Pwned?” website (link opens in new window) to identify if your email account has been listed as being compromised in a data breach. If so, make sure you change any passwords immediately. As the email address and password is known, leaving these changes may cause issues in the future.
- Performing a full antivirus scan of your computer using a reputable internet security program. Further, please ensure you use secure (HTTPS) websites only to ensure your information is encrypted and remains safe. Always use internet security software on your computers and devices when online.
- Deleting the email and do not respond in any way to the hacker, and most certainly do not pay the ransom. Be wary of emails requesting you click to open a website or to access an important file. Do not take any action on the email.
If you are concerned you may have been or are compromised in any way, please contact CyberGuru for further advice. If you believe you have been the victim of identity theft or any information has been leaked, we strongly recommend that you seek immediate assistance.