{"id":6966,"date":"2018-12-03T14:03:53","date_gmt":"2018-12-03T19:03:53","guid":{"rendered":"https:\/\/tcn.tidbits.com\/?p=6799"},"modified":"2018-12-04T19:55:36","modified_gmt":"2018-12-05T00:55:36","slug":"dont-panic-if-you-get-blackmail-spam-containing-a-familiar-password","status":"publish","type":"post","link":"https:\/\/www.macworks.com\/blog\/dont-panic-if-you-get-blackmail-spam-containing-a-familiar-password\/","title":{"rendered":"Don\u2019t Panic If You Get Blackmail Spam Containing A Familiar Password"},"content":{"rendered":"<p>Have you gotten an email message whose Subject line says something like \u201cChange your password immediately! Your email account has been hacked.\u201d? If not, it may be only a matter of time before you receive what is commonly known as &#8220;blackmail spam&#8221;. It\u2019s a scary message, especially because it contains one of your passwords, some threats, and a demand for money. Worse, the password is likely one you\u2019ve used in the past\u2014how could the hacker have discovered it? Has your Mac really been taken over?<\/p>\n<p>Relax. There\u2019s nothing to worry about.<\/p>\n<p>Blackmail spam has been making the rounds on the Internet recently\u2014we\u2019ve heard from several clients who have received it, and we\u2019ve gotten copies too. The message purports to be from a hacker who has taken over your Mac and installed spyware that has recorded you visiting Web sites that aren\u2019t exactly G-rated. The hacker also claims to have used your Mac\u2019s camera to photograph you while you\u2019re browsing said non-G-rated sites and threatens to share those pictures with your contacts and erase your drive unless you pay a ransom using Bitcoin.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-6800\" src=\"https:\/\/macworks.com\/blog\/wp-content\/uploads\/2018\/12\/dont-freak-out-if-you-get-blackmail-spam-containing-an-old-password-1.jpg\" sizes=\"auto, (max-width: 915px) 100vw, 915px\" srcset=\"https:\/\/macworks.com\/blog\/wp-content\/uploads\/2018\/12\/dont-freak-out-if-you-get-blackmail-spam-containing-an-old-password-1.jpg 915w, https:\/\/tcn.tidbits.com\/wp-content\/uploads\/2018\/12\/blackmail-spam-example-268x300.jpg 268w, https:\/\/tcn.tidbits.com\/wp-content\/uploads\/2018\/12\/blackmail-spam-example-768x860.jpg 768w, https:\/\/tcn.tidbits.com\/wp-content\/uploads\/2018\/12\/blackmail-spam-example-1080x1209.jpg 1080w\" alt=\"\" width=\"915\" height=\"1024\" \/><\/p>\n<p>This blackmail spam has raised concerns because it backs up its claims by showing a password that you\u2019ve used in the past. Hopefully, it\u2019s not one that you\u2019re still using, because it was extracted from one of the hundreds of password breaches that have occurred over the past decade. Impacted Web sites include big names such as Yahoo, LinkedIn, Adobe, Dropbox, Disqus, and Tumblr\u2014thieves have collectively stolen over 5.5 billion accounts. It\u2019s all too likely that some old password of yours was caught up in one of those thefts.<\/p>\n<p>Concerning as the message sounds, all the details other than your email address and password are completely fabricated. Your Mac has not been hacked. There is no malware spying on your every move. No pictures of you have been uploaded to a remote server. Your hard drive will not be erased. In short, you have nothing to worry about, and you should just mark the message as spam.<\/p>\n<p>However, if you\u2019re still using the password that appeared in the message, that is cause for concern. It means that any automated hacking software could break into the associated account, and it must be a weak password if the bad guys were able to decrypt it from the stolen password files. Go to <a href=\"https:\/\/haveibeenpwned.com\/\" rel=\"noopener\">Have I Been Pwned<\/a> and search for your email address. If it shows up for any breaches, make sure you\u2019ve changed your password for those accounts.<\/p>\n<p>As always, we recommend that you create a strong, unique password for each of your Web accounts. The easiest way to do this is to rely on a password manager like <a href=\"https:\/\/1password.com\/\" rel=\"noopener\">1Password<\/a> or <a href=\"https:\/\/www.lastpass.com\/\" rel=\"noopener\">LastPass<\/a> to generate a random password. Then, when you want to go back to that site, the password manager can log you in automatically. It\u2019s easier and more secure.<\/p>\n<p>If you\u2019re still concerned about your passwords, call MacWorks and we can help you get started with stronger security practices.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Have you gotten an email message whose Subject line says something like \u201cChange your password immediately! Your email account has been hacked.\u201d? If not, it may be only a matter of time before you receive what is commonly known as &#8220;blackmail spam&#8221;. It\u2019s a scary message, especially because it contains one of your passwords, some [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6975,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69,106,112,104,110],"tags":[118,719,720,117,49],"class_list":["post-6966","post","type-post","status-publish","format-standard","has-post-thumbnail","category-apple-consulting-ct","category-apple-support-ct","category-mac-support-ct","category-security","category-spam","tag-apple","tag-email-hacking","tag-hacking","tag-iphone","tag-security"],"_links":{"self":[{"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/posts\/6966","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/comments?post=6966"}],"version-history":[{"count":2,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/posts\/6966\/revisions"}],"predecessor-version":[{"id":6977,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/posts\/6966\/revisions\/6977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/media\/6975"}],"wp:attachment":[{"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/media?parent=6966"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/categories?post=6966"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.macworks.com\/blog\/wp-json\/wp\/v2\/tags?post=6966"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}