Yep!  They’re back!  Hackers are sending out emails claiming to have seen and recorded the recipient watching porn on-line.  They threaten to expose the victim unless they get a payoff to stay silent.  They threaten to send copies of the video to all of the people in the victims e-mail address book to destroy their reputation.  Does it work?  Apparently so.  They’re raking in upwards of $50,000 per week.

Have you even seen an e-mail like this?  This is a copy of a real e-mail from one of the hackers.  The e-mail was directed at a specific person and showed a password supposedly belonging to that person.  The wording may vary but the intent is clear.

What should you do if you or a user gets one of these emails? 

Don’t respond to the e-mail or pay the ransom. The criminals are simply using email addresses and passwords data pulled from older data breaches.  I’ve included a site referenced below that you can use to see if your information has been breached and how.

How did these guys get my password?

While the exact methods are unconfirmed, criminals are probably referencing a database of passwords and email addresses collected from a large data breach that may have taken place years ago. Brian Krebs broke this story and several of his readers who received an email like this said the passwords referenced were ones they’d used up to 10 years ago.

To check to see what breaches your email address has been exposed in, you can visit researcher Troy Hunt’s site haveibeenpwned.com.