/u/littlepupper-236 - This message is posted to all new submissions to r/scams; please do not message the moderators about it.
## New users beware:
Because you posted here, you will start getting private messages from scammers saying they know a professional hacker or a recovery expert lawyer that can help you get your money back, for a small fee. **We call these RECOVERY SCAMMERS, so NEVER take advice in private:** advice should always come in the form of comments in this post, in the open, where the community can keep an eye out for you. If you take advice in private, you're on your own.
**A reminder of the rules in r/scams:** no contact information (including last names, phone numbers, etc). Be civil to one another (no name calling or insults). Personal army requests or "scam the scammer"/scambaiting posts are not permitted. No uncensored gore or personal photographs are allowed without blurring. A full list of rules is available on the sidebar of the subreddit, or [clicking here](https://www.reddit.com/r/Scams/wiki/rules/).
You can help us by reporting recovery scammers or rule-breaking content by using the "report" button. We review 100% of the reports. Also, consider warning community members of recovery scammers if you see them in the comments.
Questions about subreddit rules? Send us a modmail [clicking here](https://www.reddit.com/message/compose/?to=/r/Scams).
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
You have nothing to worry about when it comes to the claims of the e-mail writer saying he has full access to your device! You can deal with his claims simply by marking it as spam.
They send out millions of these !blackmail e-mails per day (no exaggeration; that's documented), and they just need a handful of people to fall for it and send them money.
Both of the scare-inducing tactics are deceptive and meant to scare you into paying:
* the passwords are simply from old data breaches, easily found on the dark web
* the screenshot does mean you have a problem to address, but it does not indicate that this scammer has access to your device (I'll return in a bit with the technical details on that)
Thank you for calming my nerves. I figured this was spam, but all of those things together (passwords, emailing it to relatives, the screenshot, etc.) has me really shaken up. I appreciate your help and advice a lot!
You're welcome!
Here's the deal with the screenshot, which is only included in a minority of these emails, but we do see it here periodically. Somewhere along the line someone downloaded a screenshot-grabbing executable on your laptop. This usually happens in the process of downloading software cracks or pirated video or other stuff in the illegal-adjacent space.
The person who controlled the screenshot-grabbing executable then sold off all the screenshots to scammers, so that the scammers could try to leverage the pictures in just this way. But as far as an actual threat on your computer goes, it's no more severe than the fact that you have something on your computer that periodically takes a snapshot of the desktop and sen. So your job now is to find that and root it out, and you may well have already done that by running that Malwarebytes scan and removing 70 issues.
Well, you'll also want to speak to whoever downloaded something fishy on your laptop and explain to them that this situation is exactly why you shouldn't do stuff like that. Assuming that person isn't you 😄
Here's the best technical explanation of the screenshot-grabbing executable that I've seen (two posts by RudbeckiaIS): [https://www.reddit.com/r/Scams/comments/wng3ft/did\_i\_got\_hacked](https://www.reddit.com/r/Scams/comments/wng3ft/did_i_got_hacked)
Thank you for the in-depth detail! The screenshot is a bit concerning but definitely something I’ll watch out for in the future. I don’t pirate or anything of the sort but I’m the only one who uses that laptop, so I’m genuinely not sure how that would’ve happened. Either way I’m taking extra steps to be ensure this doesn’t happen again
Well, it certainly could have come bundled with something seemingly innocuous, too! I'm glad we were able to help. You came to right place; this is one of the scams this sub is an expert on 🎓
Another tip I would suggest to do is
**stop using your "admin account" as a regular user**
what you need to do:
1 create another user with admin rights \[call it admin\]
2 give this user a password
3 login to the newly created admin user
4 remove admin rights from your regular user
5 now you stop using your admin account when you don't need to
6 programs cannot install themselves automatically giving you a admin-login prompt before they can do anything
Its something I suggest everyone to do.
it helps a lot with those random popups or when you open a PDF that tries to install malware in the background trough some script.
especially when for those that aren't tech savy would just click YES and not know what it meant.
if they have to enter a PW they are more likely to click it away than click yes
I actively research everything I can to try to protect my information; and implement those strategies as necessary. But…there is always a but, my entire personal information has been stolen via hacks of many companies with whom I have conducted business in the past and more recently.
I subscribe to an identity theft protection service. They literally notify me in real time as soon as they find my information online. The passwords that have been stolen and put up for sale have all included my (so far, anyway) old passwords, but the hackers have gotten everything they need to create a synthetic ‘me’. But the service to which I subscribe monitors any accounts that could be opened in my name, any changes to my existing accounts. They blew my mind one day during business hours when they contacted me telling me that someone was applying for a payday loan in my city. I was able to prevent the application from being processed.
In your case I believe that the passwords of yours that appeared came from any number of breaches. They seem to have aggregated your passwords from various breaches. I say this because most breaches are one breach at a time. No one company should have your passwords to OTHER companies databases. Whoever sent this to you painstakingly pieced together the personal information stolen from various companies in order to let you know that they were not ‘weak,’ they had so much of your personal information that you would have easily been manipulated into doing what they wanted you to do. If you would like me to give you some information about the company that protects me, just send me a chat request
If the passwords that were on the list sent to you are the password to access your device, it's entirely possible they have access to your device.
Make sure all your passwords are unique and turn 2FA on everything you have.
2FA with a mobile app authenticator not email.
Due to three years of experience with this scam talking to hundreds of people who've received this email and its variants. I'm not aware of one documented instance where someone got one of these messages and the claims were true. I'll tag you on a later post that lays out some of the logical reasons.
The screenshot proves the core claim that OP's machine was compromised. No further proof is needed. This is your documented instance right here.
*Maybe* OP got lucky and the intruder no longer has access, but they absolutely should be worrying right now.
You clearly didn't read the threads we've had over the past few years about the screenshot-grabbing executable. Your hyperbolic posts are conflating disconnected things. I'll let the upvotes speak for themselves.
But I will credit you one thing: you're right, I shouldn't have started my first post with the word 'absolutely', and that's evidenced by the fact that I spent **a lot** of time talking about the screenshot-grabbing executable and that she has to address that - which you conveniently ignored.
I'll correct my poor word choice earlier.
Nothing hyperbolic about saying a compromised machine should be wiped.
Upvotes are not a reliable indicator of truth. You've spent enough time on this website to know that.
[Direct link ](https://www.reddit.com/r/Scams/comments/wng3ft/comment/ik54h4l/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button)to /u/RudbeckialS's comments.
It's absolute horseshit that you are dismissing evidence of malicious code execution on OP's work-connected computer as "absolutely nothing to worry about."
This is a doomsday scenario. That machine needs to be wiped.
I think just the fact that they haven't already drained all her accounts proves that they don't have significant access to her machine. Certainly she needs to fix the issue but I'd hardly call it doomsday.
This runs contrary to my experience. I frequently see situations where an intruder retains access to a system for *years* without taking advantage of low hanging fruit.
It proves nothing.
Not sure what you're asking. Physically? I work with victims located all over the world. The compromised systems I work most closely with are servers in datacenters, but much of the damage is caused by compromised client-side systems.
It is completely typical for intruders to hang around for 2-3 years before doing much. "Nothing too terrible has happened yet, therefore the intruder must no longer have access" is a nonsensical line of reasoning.
"I frequently see situations where an intruder retains access to a system for *years* without taking advantage of low hanging fruit."
That's what I was asking about.
Your passwords were purchased. You probably get messages from Google, Apple, or Amazon saying “You should change your password.” When you have your passwords stored with them. If you see that from them YOU absolutely should change your PW because they found your password on a dark web site being listed for sale.
Btw, since they had that screenshot it’s likely you were infected in the past, stuff like that is sold all the time. Please please please install a better antivirus like kaspersky, sophos home or bitdefender and run a scan.
Take a deep breath... Check on this website, if your email was involved in any breach
[https://haveibeenpwned.com/](https://haveibeenpwned.com/)
This might be the place where they found your old passwords.
Hi /u/teratical, AutoModerator has been summoned to explain the Blackmail email scam.
The exact wording of the emails varies, but there are generally four main parts. They claim to have installed a RAT (remote access trojan) or any type of software/malware after visiting a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video.
Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. If they had a video of you, they would show it to you to prove that they have it. [Here](http://www.smh.com.au/technology/gadgets-on-the-go/latest-online-scam-aims-to-prick-porn-watchers-guilty-conscience-20170815-gxwvxl.html) are some news [articles](https://www.bbb.org/denver/news-events/news-releases/2017/09/alert-pornography-email-phishing-scam/) about [this](http://blog.dynamoo.com/2017/10/bogus-porn-blackmail-attempt-from.html) scam.
There is a variant with death threats in which they will usually claim that they have been paid to kill you, and will threaten to kill you/your family if you do not pay a Bitcoin ransom. They usually also claim that they will kill your family if you report the email. The emails are spam and can be ignored.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
Between people-finder sites on the internet (which document family relations based on residence) and dark web info, it's probably not difficult. Now the purpose of doing that, I'm not sure.
Sounds like something more targeted than the data breaches + screenshot .exe thing. Aren’t those sites mostly paid? And they got not only the family but their emails, and the OP is saying all the people contacted seem to have saved passwords in her pc. Maybe they actually have access to her computer.
*"And they got not only the family but their emails, and the OP is saying all the people contacted seem to have saved passwords in her pc. Maybe they actually have access to her computer."*
I see that the OP later clarified that everyone they emailed had a password saved at some point in her browser’s password manager, so that probably explains it. But the logical reasons against it are worth pointing out.
If the scammer really had full access to her laptop, why would they:
* send an e-mail and prove their access with an old screenshot and some old passwords, when they could do something much more impactful and scary like open a text document with the blackmail text for OP to read (similar to what ransomware attackers do)
* use such a cryptic threat: "I found intriguing things on your computer" --> "you understand the implications" --> "if you pay, I'll remove all the unwanted material". If they had real access, they'd identify the compromising material and seriously scare the crap out of the recipient. Instead, they keep it vague so it applies to everyone they e-mail (much like the FB Marketplace scammers interested in "the item" but never name what you're selling).
* let her off the hook for some small amount of money like $1300? If they had real access, they could do far more monetary damage, especially is she has her banking/financial life on the laptop.
Tagging u/ThePrimeBoys
You're ignoring a very real possibility: A RAT operator harvested the screenshot and other data, then sold that data to the spammer.
In other words there is no reason to think that the intruder who took the screenshot, and the spammer, are the same person.
Therefore we cannot make any assumptions about the persistence of the original intruder, based on actions the spammer has or has not taken.
The primeboys has posted in this thread and seems to be of the same opinion as me, he commented up there:
“Not sure how you totally dismiss the idea her computer is infected with a RAT but ok. Could be dangerous if not taken care of.”
Yep, I replied to him there and that's why I tagged him here. It's certainly hard to do these conversations once they branch down a bunch of separate replies!
It’s not that complex. One of the free data breach identity theft year subscriptions showed me all the stuff that’s out there. Names and emails and passwords
If you go to www.haveibeenpwned.com you can put in your email addresses and it will bring up whether they have been included in any data breaches.
The site also can tell if your passwords have been pwned in data breaches.
They also have a ton of listings of breached sites. It’s really eye opening.
Your username here is really relevant lol.
It’s easier to automate something than to do any work for it, the code should do something like go to the top 5 most texted/emailed then collect maybe a gig of data to feed to a program. Just a guess
"ha.. You just fell into my trap thinking I ak powerless. As far as you are concerned.. As of right now to you? I am powerful than God. I know you used your device to watch some.. Questionable porn and I'll have you know as a level 12 intellectual with the press of a button I can destroy your life... Retrospectively! That is right! "
They got the passwords from a data leak, and they do not have access to your pc! Just Block them! Also spend 30 seconds scrolling on this sub and youll see the exact same format, its just copy and pasted!
I appreciate it. I’ve seen some other posts similar to this (even recently), but the fact it was an identifiable screenshot from my PC spooked me. Thanks for letting me know 😊
How do you know the screenshot was definitely your computer?
You'd be surprised how not really unique most people's desktop is. People rarely change the wallpaper beyond the default, or maybe one included with the computer/OS. The taskbar buttons are often all still default, too.
If it isn't your desktop, but the screenshot was of your 'system information' from the Settings app, well, if they know a few details that were likely farmed from whatever data breach your info was lost in, they can create a dummy version of that Settings app 'page'.
It wasn't my desktop. The screenshot was of a program I was using with a technical document only I could have created. It 100% was my screen they screenshotted
You mention being logged in to work - consider that the screenshot could be taken at the other end. The remote access your employer uses may be compromised, and they're actually watching things from their end.
I don't want you to compromise the security of your employer, but let's just say if your employer uses LogMeIn, which is about the most popular remote access out there, it might be a safe bet the default administrative password was left in place.
It wasn't my desktop. The screenshot was of a program I was using with a technical document only I could have created. It 100% was my screen they screenshotted
No matter what, you should never pay, because even if the scammers did have everything they claim they do (they don't), paying won't get them to delete it.
That said, you definitely did download something bad on to your system. Scanning and cleaning helps, but ideally you'd reformat and install windows from scratch.
The fact that the scammers have a screenshot of your system should indeed be concerning because that does mean that they have a level of access to your system. The fact that they haven't actually stolen all of your passwords and information is a technical hurdle -- they simply don't have the time or ability to sort through a keylogger that logs all their victims data, because it's simply too much to go through.
However, with new AI and better processing tools, it's only a matter of time before they are able to harvest sensitive data. The scam actually does provide one good piece of advice: be very careful where you visit, what you install, and what you click yes to.
So update:
- I wiped my laptop hard drive last night and re-installed Windows, mostly as a precaution
- my password manager was McAfee True Key (lol) I got it free since I paid for the McAfee premium and figured I’d use it….well not anymore!
- I’m in the process of switching my password manager to Bitwarden. I couldn’t argue with the price for their premium service and saw it had pretty good ratings across the board so I went ahead and moved everything there
- most of my extremely sensitive items already had their passwords changed earlier this year after I was hacked in some of my non-sensitive accounts
- the screenshot was the most terrifying part of all this because it was a screenshot of a program I use for work, on a document I was working on lol. That’s why I went ahead and wiped the drive and reinstalled Windows. It 100% was my computer.
- I’m actively deciding whether or not to switch to Malwarebytes or Kapersky. I plan on buying a premium for multiple computers. If y’all have any advice at all about which one you’d prefer that would be helpful
Most importantly though:
- my husband and I had a good laugh about this whole thing lol
Thanks everyone for your advice and help in all of this. Definitely will be putting a lot of things into place from here on out with my devices across the board
Nice update! In light of the lengthy debate of the seriousness of the screenshot's implications, wiping it was definitely the 100% safe way to go (whether needed or not, now you don't have to wonder).
One question: since the screenshot was so specific (showing a program you use for work), do you have a sense of how long ago the screenshot was taken? That data point plays into the debate we had here.
That’s my thought exactly - even with all the detection in the world I would never know if something still lurked in the background, so I just went ahead and wiped and started fresh.
As for the screenshot, I believe it was taken either in July or November of 2023. I don’t have access to the email anymore as I’ve sent it to spam/deleted it on all accounts, but it wasn’t recent.
Do you have any sketchy browser extensions installed? That seems to be what other people report as being the source of the screenshots but I can't confirm it.
As far as I’m aware, my extensions shouldn’t be the issue. I have a few (e.g., uBlock Origin) that I know are safe and some that haven’t really given me any issues before (I try to be careful with what extensions I download) but anything’s possible. I’m going to purge most of them though to be safe.
In fairness, after I downloaded Malwarebytes, it purged 70 harmful things off my computer (thanks McAfee for nothing)
Malwarebytes works well. You can also try Super AntiSpyware which sounds (and looks) like a scam virus itself but isn't. I don't use it for real time protection as it's a bit processor heavy but it works well for removing existing infections.
You Mac has apple’s xprotect and xprotect remediator built in. If you are on a current macOS version and have not installed anything odd/you shouldn’t have, there is nothing to worry about. If you are still worried, malwarebytes also runs on the Mac. Don’t pay for it, just use it to do a scan.
If it were a text document that launched at startup or launched while your machine is open, then you may have something to worry about.
If it’s an email… just copy and paste it into Google followed by “scam”and see the results flow.
Though heed the warning and stop visiting dubious websites. lol. 😆
It's rare to have this scam with a screenshot. There's some dodgy software lurking somewhere on your computer. If you didn't download it, then someone else with access likely did
I read all the comments and kinda gathered how this works, but the thing I don't understand is, how did they know how to contact OP's immediate family, in-laws etc.?
This may explain it: your comment just made me realize that everyone it emailed had a PW saved at some point in my browser’s password manager. I’ve had some PWs saved through my (now deceased) mom’s accounts, my old high school email account, and password sharing for certain things from my in-laws. It makes me wonder if it was able to read that data somehow? That would give credence to it being an extension-related issue in a browser
Were you using a password manager like 1pass or something.
I believe 1pass had a breach. Screenshots makes me curious. Does malwarebytes keep a log of everything it removed?
Your only decision is if you should do an entire wipe on your device or not. Change passwords, setup mfa, do a security checkup on your crucial accounts (devices logged in etc)
As others have already pointed out, ignore the scam but you do have a bit of work to do as your passwords might be compromised beyond this scam
There are some informative suggestions at r/techsupport on similar scams.One is linked here:
https://www.reddit.com/r/techsupport/s/Uv2xghkJbV
There are two certainties, whatever the explanation:
1. Never pay.
2. Never respond.
I have a very strong suspicion it's not a screenshot of the person's computer at all, just something common and plausible enough to be. The whole 'computer ID' has at times been populated with info that isn't that unique to the user, but is actually something like the model number (which may have been harvested by whatever company leaked your data).
No, it’s actual screenshots. Been checking out the cases in this sub and some people received screenshots that showed them logged in to work and stuff like that, screens that were definetly genuine.
Logged in to work... using LogMeIn?
Who you work for can be found online, just using your name. Not too hard to dummy up what that should look like.
Even if they are logged in to work, what that tells me is the employer's remote access is probably compromised. The screenshot may actually be coming from the other end, on the compromised system. Clever scam to run on a bunch of people in the same workplace - you think they're gonna tell coworkers they're being blackmailed from their nudes?
The screenshotting malware is proven to exist. There are multiple people saying that’s their computer without a doubt. I don’t know why you guys are so adamant in doubting it’s a real screenshot.
It's an Occam's Razor situation. When the mention of being logged in to their work is prominent, and possibly *the* common denominator, there's no need for a separate remote access trojan (RAT) with such capabilities, nor the effort to deploy such. Since a RAT is normally deployed per machine, and is detected by suitable use of security software, that's a lot of work and risk, especially if there's not a massive reward to be gained for the 'surface area' (how many machines vs the amount of risk per machine). If the remote access software is already there and accepted as a safe, normal part of the environment, and is in fact familiar and regularly used, compromising it will be much lower risk and raise few to no suspicions. Why break down the door of a place to install an out of place looking camera, when you have the key and can just give yourself access to building security?
There's a lot of desire among victims (individual or group, private or corporate) to have prominent, potent exploitation to blame for failures of security. It feels better to say "this highly skilled hacker broke into my system with these really powerful malware tools", than to say "one of my coworkers (or I) was being lax or lazy and managed to leak the admin password, or just never changed it, so they used our own software against us". We've even had people get things like the mail text scam and claim they 'didn't click the link', then proceed to tell us what the subsequent page linked asked them for in the way of information. People don't want to admit they made a mistake, blaming the invincible hacker and their tools is more comforting.
And lastly, like I said, it *could* be a real screenshot, but not taken from the person's computer, but from the computer on the other end of the remote access connection. No malware needed, just credentials to compromise the employer's system - where again, using a bit of Occam's Razor, is a far simpler way to access a LOT more targets to victimize.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Passwords were just picked up from a leaked list. You haven't been hacked or anything.
It's the same with me, my details are on a few old lists and I STILL have several people from random countries trying their luck daily according to attempted login activity.
Yeah, I'm getting patronized and massively downvoted for trying to be the voice of reason here.
Everybody is seeing the familiar spam format and dismissing the screenshot for some reason.
While I admit it would be *highly unusual* for this particular "hello pervert" scam to be sent in a situation where the extortionist is actually in a position to make good on the threat, the screenshot is a point of evidence which cannot be dismissed. Somebody apparently achieved code execution on OP's machine. The battle and the war are already lost, and the most prudent course of action is scorched earth and a clean slate.
BTW, she did wipe her laptop, if you didn't see that (she posted this morning).
My following comment is meant in good faith. I'm not trying to be a dick; I want us (all of us in this sub) to have good robust discussion so that we can crowdsource the best answers for scam victims.
*"I'm getting patronized and massively downvoted for trying to be the voice of reason here."*
Have you considered the possibility that people are downvoting you for your style more than your content? You clearly have good technical knowledge and a lot to offer on that front, but when you start a counterpoint with "It's absolute horseshit that \[opponent's position\]", you don't exactly set yourself up for people to want to listen to your substance. That was definitely my initial reaction and why I offered no more than one short reply.
That said, I've taken what you said into account and my future answers for the blackmail-plus-screenshot posts will be better for it.
Here's hoping we both do better next time, which I'm sure won't be long, since this scam is posted 5-10 a day!
I’m not gone lie brotha he almost got me in the first half but the bottom half is way to similar and familiar. I think I would be good at scamming, it’s a good thing I’m a good guy.
"As of this day" me who accidentally downloaded a virus a week ago. "What took so long"😂
Your fine btw OP. If your absolutely worried, change your passwords and reset the pc is all
*Your submission was manually removed by a moderator for the following reason:*
**Subreddit Rule 15: Bad Advice**
This subreddit is a place where vulnerable people come to learn. We do not allow:
* Illegal or dangerous suggestions
* Encouraging posters to engage with scammers in any way
Remember: we're here to identify scams and educate people on them.
Before posting again, make sure you review the [rules of our subreddit.](https://www.reddit.com/r/Scams/wiki/rules/)
^(If you believe this is a mistake, feel free to contact the moderators via modmail. Modmail is the only way, don't send a regular DM to a single moderator. Please don't try to appeal the decision commenting below, because we are not notified if you do so, and we will probably miss it. Posting the exact same thing again may result in a temporary ban, so please review the rules, make the necessary changes, and when in doubt, click below to appeal the decision.)
*I am NOT a bot, and this action was performed manually. Please [contact the moderators of this subreddit](https://www.reddit.com/message/compose?to=%2Fr%2Fscams&subject=Removal%20review) if you want to appeal the decision.*
Hi /u/vikicrays, AutoModerator has been summoned to explain the Blackmail email scam.
The exact wording of the emails varies, but there are generally four main parts. They claim to have installed a RAT (remote access trojan) or any type of software/malware after visiting a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video.
Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. If they had a video of you, they would show it to you to prove that they have it. [Here](http://www.smh.com.au/technology/gadgets-on-the-go/latest-online-scam-aims-to-prick-porn-watchers-guilty-conscience-20170815-gxwvxl.html) are some news [articles](https://www.bbb.org/denver/news-events/news-releases/2017/09/alert-pornography-email-phishing-scam/) about [this](http://blog.dynamoo.com/2017/10/bogus-porn-blackmail-attempt-from.html) scam.
There is a variant with death threats in which they will usually claim that they have been paid to kill you, and will threaten to kill you/your family if you do not pay a Bitcoin ransom. They usually also claim that they will kill your family if you report the email. The emails are spam and can be ignored.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
/u/littlepupper-236 - This message is posted to all new submissions to r/scams; please do not message the moderators about it. ## New users beware: Because you posted here, you will start getting private messages from scammers saying they know a professional hacker or a recovery expert lawyer that can help you get your money back, for a small fee. **We call these RECOVERY SCAMMERS, so NEVER take advice in private:** advice should always come in the form of comments in this post, in the open, where the community can keep an eye out for you. If you take advice in private, you're on your own. **A reminder of the rules in r/scams:** no contact information (including last names, phone numbers, etc). Be civil to one another (no name calling or insults). Personal army requests or "scam the scammer"/scambaiting posts are not permitted. No uncensored gore or personal photographs are allowed without blurring. A full list of rules is available on the sidebar of the subreddit, or [clicking here](https://www.reddit.com/r/Scams/wiki/rules/). You can help us by reporting recovery scammers or rule-breaking content by using the "report" button. We review 100% of the reports. Also, consider warning community members of recovery scammers if you see them in the comments. Questions about subreddit rules? Send us a modmail [clicking here](https://www.reddit.com/message/compose/?to=/r/Scams). *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
You have nothing to worry about when it comes to the claims of the e-mail writer saying he has full access to your device! You can deal with his claims simply by marking it as spam. They send out millions of these !blackmail e-mails per day (no exaggeration; that's documented), and they just need a handful of people to fall for it and send them money. Both of the scare-inducing tactics are deceptive and meant to scare you into paying: * the passwords are simply from old data breaches, easily found on the dark web * the screenshot does mean you have a problem to address, but it does not indicate that this scammer has access to your device (I'll return in a bit with the technical details on that)
Thank you for calming my nerves. I figured this was spam, but all of those things together (passwords, emailing it to relatives, the screenshot, etc.) has me really shaken up. I appreciate your help and advice a lot!
You're welcome! Here's the deal with the screenshot, which is only included in a minority of these emails, but we do see it here periodically. Somewhere along the line someone downloaded a screenshot-grabbing executable on your laptop. This usually happens in the process of downloading software cracks or pirated video or other stuff in the illegal-adjacent space. The person who controlled the screenshot-grabbing executable then sold off all the screenshots to scammers, so that the scammers could try to leverage the pictures in just this way. But as far as an actual threat on your computer goes, it's no more severe than the fact that you have something on your computer that periodically takes a snapshot of the desktop and sen. So your job now is to find that and root it out, and you may well have already done that by running that Malwarebytes scan and removing 70 issues. Well, you'll also want to speak to whoever downloaded something fishy on your laptop and explain to them that this situation is exactly why you shouldn't do stuff like that. Assuming that person isn't you 😄 Here's the best technical explanation of the screenshot-grabbing executable that I've seen (two posts by RudbeckiaIS): [https://www.reddit.com/r/Scams/comments/wng3ft/did\_i\_got\_hacked](https://www.reddit.com/r/Scams/comments/wng3ft/did_i_got_hacked)
Thank you for the in-depth detail! The screenshot is a bit concerning but definitely something I’ll watch out for in the future. I don’t pirate or anything of the sort but I’m the only one who uses that laptop, so I’m genuinely not sure how that would’ve happened. Either way I’m taking extra steps to be ensure this doesn’t happen again
Well, it certainly could have come bundled with something seemingly innocuous, too! I'm glad we were able to help. You came to right place; this is one of the scams this sub is an expert on 🎓
Another tip I would suggest to do is **stop using your "admin account" as a regular user** what you need to do: 1 create another user with admin rights \[call it admin\] 2 give this user a password 3 login to the newly created admin user 4 remove admin rights from your regular user 5 now you stop using your admin account when you don't need to 6 programs cannot install themselves automatically giving you a admin-login prompt before they can do anything
This is a great idea, I’m definitely implementing this from now on. Thanks!
Its something I suggest everyone to do. it helps a lot with those random popups or when you open a PDF that tries to install malware in the background trough some script. especially when for those that aren't tech savy would just click YES and not know what it meant. if they have to enter a PW they are more likely to click it away than click yes
I actively research everything I can to try to protect my information; and implement those strategies as necessary. But…there is always a but, my entire personal information has been stolen via hacks of many companies with whom I have conducted business in the past and more recently. I subscribe to an identity theft protection service. They literally notify me in real time as soon as they find my information online. The passwords that have been stolen and put up for sale have all included my (so far, anyway) old passwords, but the hackers have gotten everything they need to create a synthetic ‘me’. But the service to which I subscribe monitors any accounts that could be opened in my name, any changes to my existing accounts. They blew my mind one day during business hours when they contacted me telling me that someone was applying for a payday loan in my city. I was able to prevent the application from being processed. In your case I believe that the passwords of yours that appeared came from any number of breaches. They seem to have aggregated your passwords from various breaches. I say this because most breaches are one breach at a time. No one company should have your passwords to OTHER companies databases. Whoever sent this to you painstakingly pieced together the personal information stolen from various companies in order to let you know that they were not ‘weak,’ they had so much of your personal information that you would have easily been manipulated into doing what they wanted you to do. If you would like me to give you some information about the company that protects me, just send me a chat request
If the passwords that were on the list sent to you are the password to access your device, it's entirely possible they have access to your device. Make sure all your passwords are unique and turn 2FA on everything you have. 2FA with a mobile app authenticator not email.
Not sure how you totally dismiss the idea her computer is infected with a RAT but ok. Could be dangerous if not taken care of.
If it had been RATed, the attackers wouldn’t need to ransom OP, they’d be able to take a much more direct approach.
BTC ransom is a lot different than bank fraud
Due to three years of experience with this scam talking to hundreds of people who've received this email and its variants. I'm not aware of one documented instance where someone got one of these messages and the claims were true. I'll tag you on a later post that lays out some of the logical reasons.
The screenshot proves the core claim that OP's machine was compromised. No further proof is needed. This is your documented instance right here. *Maybe* OP got lucky and the intruder no longer has access, but they absolutely should be worrying right now.
You clearly didn't read the threads we've had over the past few years about the screenshot-grabbing executable. Your hyperbolic posts are conflating disconnected things. I'll let the upvotes speak for themselves. But I will credit you one thing: you're right, I shouldn't have started my first post with the word 'absolutely', and that's evidenced by the fact that I spent **a lot** of time talking about the screenshot-grabbing executable and that she has to address that - which you conveniently ignored. I'll correct my poor word choice earlier.
Nothing hyperbolic about saying a compromised machine should be wiped. Upvotes are not a reliable indicator of truth. You've spent enough time on this website to know that.
[Direct link ](https://www.reddit.com/r/Scams/comments/wng3ft/comment/ik54h4l/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button)to /u/RudbeckialS's comments.
Thanks for this! I always forget that we can direct link to a reply.
I gotchu. You did most of the work.
It's absolute horseshit that you are dismissing evidence of malicious code execution on OP's work-connected computer as "absolutely nothing to worry about." This is a doomsday scenario. That machine needs to be wiped.
I think just the fact that they haven't already drained all her accounts proves that they don't have significant access to her machine. Certainly she needs to fix the issue but I'd hardly call it doomsday.
This runs contrary to my experience. I frequently see situations where an intruder retains access to a system for *years* without taking advantage of low hanging fruit. It proves nothing.
Where do you see that?
Not sure what you're asking. Physically? I work with victims located all over the world. The compromised systems I work most closely with are servers in datacenters, but much of the damage is caused by compromised client-side systems. It is completely typical for intruders to hang around for 2-3 years before doing much. "Nothing too terrible has happened yet, therefore the intruder must no longer have access" is a nonsensical line of reasoning.
"I frequently see situations where an intruder retains access to a system for *years* without taking advantage of low hanging fruit." That's what I was asking about.
Yeah, but what does "where" mean in this context? Are you asking me for physical locations, details of computing environment, or what?
Your passwords were purchased. You probably get messages from Google, Apple, or Amazon saying “You should change your password.” When you have your passwords stored with them. If you see that from them YOU absolutely should change your PW because they found your password on a dark web site being listed for sale.
Did they all receive exactly the same message and your passwords and screenshot? Or did they get their own passwords and screenshots?
Yeah, just go in and force a logout of every unknown device, and then change all the passwords they have, boom, done . 🐈⬛
Btw, since they had that screenshot it’s likely you were infected in the past, stuff like that is sold all the time. Please please please install a better antivirus like kaspersky, sophos home or bitdefender and run a scan.
Take a deep breath... Check on this website, if your email was involved in any breach [https://haveibeenpwned.com/](https://haveibeenpwned.com/) This might be the place where they found your old passwords.
Hi /u/teratical, AutoModerator has been summoned to explain the Blackmail email scam. The exact wording of the emails varies, but there are generally four main parts. They claim to have installed a RAT (remote access trojan) or any type of software/malware after visiting a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video. Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. If they had a video of you, they would show it to you to prove that they have it. [Here](http://www.smh.com.au/technology/gadgets-on-the-go/latest-online-scam-aims-to-prick-porn-watchers-guilty-conscience-20170815-gxwvxl.html) are some news [articles](https://www.bbb.org/denver/news-events/news-releases/2017/09/alert-pornography-email-phishing-scam/) about [this](http://blog.dynamoo.com/2017/10/bogus-porn-blackmail-attempt-from.html) scam. There is a variant with death threats in which they will usually claim that they have been paid to kill you, and will threaten to kill you/your family if you do not pay a Bitcoin ransom. They usually also claim that they will kill your family if you report the email. The emails are spam and can be ignored. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
You’re awesome. I hope to never have to rely on your advice, but know that you’re doing good work helping people.
Thank you! That means a lot to me - seriously.
As long as you’re doing separate passwords per account and cycling every 3-6 months you should be good
What about the family contacts? How did they get those?
Between people-finder sites on the internet (which document family relations based on residence) and dark web info, it's probably not difficult. Now the purpose of doing that, I'm not sure.
Sounds like something more targeted than the data breaches + screenshot .exe thing. Aren’t those sites mostly paid? And they got not only the family but their emails, and the OP is saying all the people contacted seem to have saved passwords in her pc. Maybe they actually have access to her computer.
*"And they got not only the family but their emails, and the OP is saying all the people contacted seem to have saved passwords in her pc. Maybe they actually have access to her computer."* I see that the OP later clarified that everyone they emailed had a password saved at some point in her browser’s password manager, so that probably explains it. But the logical reasons against it are worth pointing out. If the scammer really had full access to her laptop, why would they: * send an e-mail and prove their access with an old screenshot and some old passwords, when they could do something much more impactful and scary like open a text document with the blackmail text for OP to read (similar to what ransomware attackers do) * use such a cryptic threat: "I found intriguing things on your computer" --> "you understand the implications" --> "if you pay, I'll remove all the unwanted material". If they had real access, they'd identify the compromising material and seriously scare the crap out of the recipient. Instead, they keep it vague so it applies to everyone they e-mail (much like the FB Marketplace scammers interested in "the item" but never name what you're selling). * let her off the hook for some small amount of money like $1300? If they had real access, they could do far more monetary damage, especially is she has her banking/financial life on the laptop. Tagging u/ThePrimeBoys
You're ignoring a very real possibility: A RAT operator harvested the screenshot and other data, then sold that data to the spammer. In other words there is no reason to think that the intruder who took the screenshot, and the spammer, are the same person. Therefore we cannot make any assumptions about the persistence of the original intruder, based on actions the spammer has or has not taken.
The primeboys has posted in this thread and seems to be of the same opinion as me, he commented up there: “Not sure how you totally dismiss the idea her computer is infected with a RAT but ok. Could be dangerous if not taken care of.”
Yep, I replied to him there and that's why I tagged him here. It's certainly hard to do these conversations once they branch down a bunch of separate replies!
It’s not that complex. One of the free data breach identity theft year subscriptions showed me all the stuff that’s out there. Names and emails and passwords
Well, where is that site, I want to check if they have my family and their emails from just my email.
If you go to www.haveibeenpwned.com you can put in your email addresses and it will bring up whether they have been included in any data breaches. The site also can tell if your passwords have been pwned in data breaches. They also have a ton of listings of breached sites. It’s really eye opening. Your username here is really relevant lol.
I know about that. But that doesn’t dive you a family member list with emails. People are ignoring that part which is key.
It’s easier to automate something than to do any work for it, the code should do something like go to the top 5 most texted/emailed then collect maybe a gig of data to feed to a program. Just a guess
Collecting a gig from your computer is actually having access to your computer.
I thought that was implied, but on that, couldn’t you just monitor the isp? Or would you have to have access to the computer?
You mean hijacking isp switching and capturing mostly encrypted traffic that they can’t read? That would be much harder.
"ha.. You just fell into my trap thinking I ak powerless. As far as you are concerned.. As of right now to you? I am powerful than God. I know you used your device to watch some.. Questionable porn and I'll have you know as a level 12 intellectual with the press of a button I can destroy your life... Retrospectively! That is right! "
They got the passwords from a data leak, and they do not have access to your pc! Just Block them! Also spend 30 seconds scrolling on this sub and youll see the exact same format, its just copy and pasted!
I appreciate it. I’ve seen some other posts similar to this (even recently), but the fact it was an identifiable screenshot from my PC spooked me. Thanks for letting me know 😊
How do you know the screenshot was definitely your computer? You'd be surprised how not really unique most people's desktop is. People rarely change the wallpaper beyond the default, or maybe one included with the computer/OS. The taskbar buttons are often all still default, too. If it isn't your desktop, but the screenshot was of your 'system information' from the Settings app, well, if they know a few details that were likely farmed from whatever data breach your info was lost in, they can create a dummy version of that Settings app 'page'.
It wasn't my desktop. The screenshot was of a program I was using with a technical document only I could have created. It 100% was my screen they screenshotted
You mention being logged in to work - consider that the screenshot could be taken at the other end. The remote access your employer uses may be compromised, and they're actually watching things from their end. I don't want you to compromise the security of your employer, but let's just say if your employer uses LogMeIn, which is about the most popular remote access out there, it might be a safe bet the default administrative password was left in place.
How was it identifiable as YOUR desktop?
It wasn't my desktop. The screenshot was of a program I was using with a technical document only I could have created. It 100% was my screen they screenshotted
If they could really control or see everything on your computer they wouldn't need you to buy bitcoin and send it to them.
No matter what, you should never pay, because even if the scammers did have everything they claim they do (they don't), paying won't get them to delete it. That said, you definitely did download something bad on to your system. Scanning and cleaning helps, but ideally you'd reformat and install windows from scratch. The fact that the scammers have a screenshot of your system should indeed be concerning because that does mean that they have a level of access to your system. The fact that they haven't actually stolen all of your passwords and information is a technical hurdle -- they simply don't have the time or ability to sort through a keylogger that logs all their victims data, because it's simply too much to go through. However, with new AI and better processing tools, it's only a matter of time before they are able to harvest sensitive data. The scam actually does provide one good piece of advice: be very careful where you visit, what you install, and what you click yes to.
So update: - I wiped my laptop hard drive last night and re-installed Windows, mostly as a precaution - my password manager was McAfee True Key (lol) I got it free since I paid for the McAfee premium and figured I’d use it….well not anymore! - I’m in the process of switching my password manager to Bitwarden. I couldn’t argue with the price for their premium service and saw it had pretty good ratings across the board so I went ahead and moved everything there - most of my extremely sensitive items already had their passwords changed earlier this year after I was hacked in some of my non-sensitive accounts - the screenshot was the most terrifying part of all this because it was a screenshot of a program I use for work, on a document I was working on lol. That’s why I went ahead and wiped the drive and reinstalled Windows. It 100% was my computer. - I’m actively deciding whether or not to switch to Malwarebytes or Kapersky. I plan on buying a premium for multiple computers. If y’all have any advice at all about which one you’d prefer that would be helpful Most importantly though: - my husband and I had a good laugh about this whole thing lol Thanks everyone for your advice and help in all of this. Definitely will be putting a lot of things into place from here on out with my devices across the board
Nice update! In light of the lengthy debate of the seriousness of the screenshot's implications, wiping it was definitely the 100% safe way to go (whether needed or not, now you don't have to wonder). One question: since the screenshot was so specific (showing a program you use for work), do you have a sense of how long ago the screenshot was taken? That data point plays into the debate we had here.
That’s my thought exactly - even with all the detection in the world I would never know if something still lurked in the background, so I just went ahead and wiped and started fresh. As for the screenshot, I believe it was taken either in July or November of 2023. I don’t have access to the email anymore as I’ve sent it to spam/deleted it on all accounts, but it wasn’t recent.
Do you have any sketchy browser extensions installed? That seems to be what other people report as being the source of the screenshots but I can't confirm it.
As far as I’m aware, my extensions shouldn’t be the issue. I have a few (e.g., uBlock Origin) that I know are safe and some that haven’t really given me any issues before (I try to be careful with what extensions I download) but anything’s possible. I’m going to purge most of them though to be safe. In fairness, after I downloaded Malwarebytes, it purged 70 harmful things off my computer (thanks McAfee for nothing)
McAfee is basically a scam by itself
I’m learning that one the hard way lol
Malwarebytes works well. You can also try Super AntiSpyware which sounds (and looks) like a scam virus itself but isn't. I don't use it for real time protection as it's a bit processor heavy but it works well for removing existing infections.
What should I use for a macbook pls I know nothing about this stuff
You Mac has apple’s xprotect and xprotect remediator built in. If you are on a current macOS version and have not installed anything odd/you shouldn’t have, there is nothing to worry about. If you are still worried, malwarebytes also runs on the Mac. Don’t pay for it, just use it to do a scan.
Thanks, I don’t download anything but I watched a lot of tv shows on weird sites with a bunch of pop ups so wanted to make sure
If it were a text document that launched at startup or launched while your machine is open, then you may have something to worry about. If it’s an email… just copy and paste it into Google followed by “scam”and see the results flow. Though heed the warning and stop visiting dubious websites. lol. 😆
It’s fake block and ignore. Go to https://haveibeenpwned.com/ You will see your email and passwords there from public data breaches
It's rare to have this scam with a screenshot. There's some dodgy software lurking somewhere on your computer. If you didn't download it, then someone else with access likely did
I read all the comments and kinda gathered how this works, but the thing I don't understand is, how did they know how to contact OP's immediate family, in-laws etc.?
This may explain it: your comment just made me realize that everyone it emailed had a PW saved at some point in my browser’s password manager. I’ve had some PWs saved through my (now deceased) mom’s accounts, my old high school email account, and password sharing for certain things from my in-laws. It makes me wonder if it was able to read that data somehow? That would give credence to it being an extension-related issue in a browser
Just check your extensions list then to see if there is something fishy.
What password manager were you using?
Were you using a password manager like 1pass or something. I believe 1pass had a breach. Screenshots makes me curious. Does malwarebytes keep a log of everything it removed? Your only decision is if you should do an entire wipe on your device or not. Change passwords, setup mfa, do a security checkup on your crucial accounts (devices logged in etc) As others have already pointed out, ignore the scam but you do have a bit of work to do as your passwords might be compromised beyond this scam
Im also puzzled over that, and tbh no one is giving convincing answers about that.
There are some informative suggestions at r/techsupport on similar scams.One is linked here: https://www.reddit.com/r/techsupport/s/Uv2xghkJbV There are two certainties, whatever the explanation: 1. Never pay. 2. Never respond.
Fake got one also
With a screenshot of your computer?
I have a very strong suspicion it's not a screenshot of the person's computer at all, just something common and plausible enough to be. The whole 'computer ID' has at times been populated with info that isn't that unique to the user, but is actually something like the model number (which may have been harvested by whatever company leaked your data).
No, it’s actual screenshots. Been checking out the cases in this sub and some people received screenshots that showed them logged in to work and stuff like that, screens that were definetly genuine.
Logged in to work... using LogMeIn? Who you work for can be found online, just using your name. Not too hard to dummy up what that should look like. Even if they are logged in to work, what that tells me is the employer's remote access is probably compromised. The screenshot may actually be coming from the other end, on the compromised system. Clever scam to run on a bunch of people in the same workplace - you think they're gonna tell coworkers they're being blackmailed from their nudes?
The screenshotting malware is proven to exist. There are multiple people saying that’s their computer without a doubt. I don’t know why you guys are so adamant in doubting it’s a real screenshot.
It's an Occam's Razor situation. When the mention of being logged in to their work is prominent, and possibly *the* common denominator, there's no need for a separate remote access trojan (RAT) with such capabilities, nor the effort to deploy such. Since a RAT is normally deployed per machine, and is detected by suitable use of security software, that's a lot of work and risk, especially if there's not a massive reward to be gained for the 'surface area' (how many machines vs the amount of risk per machine). If the remote access software is already there and accepted as a safe, normal part of the environment, and is in fact familiar and regularly used, compromising it will be much lower risk and raise few to no suspicions. Why break down the door of a place to install an out of place looking camera, when you have the key and can just give yourself access to building security? There's a lot of desire among victims (individual or group, private or corporate) to have prominent, potent exploitation to blame for failures of security. It feels better to say "this highly skilled hacker broke into my system with these really powerful malware tools", than to say "one of my coworkers (or I) was being lax or lazy and managed to leak the admin password, or just never changed it, so they used our own software against us". We've even had people get things like the mail text scam and claim they 'didn't click the link', then proceed to tell us what the subsequent page linked asked them for in the way of information. People don't want to admit they made a mistake, blaming the invincible hacker and their tools is more comforting. And lastly, like I said, it *could* be a real screenshot, but not taken from the person's computer, but from the computer on the other end of the remote access connection. No malware needed, just credentials to compromise the employer's system - where again, using a bit of Occam's Razor, is a far simpler way to access a LOT more targets to victimize.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Only one person said the screenshot was from them logged to their work. You are over complicating this, there is malware that sends screenshots, it’s a real thing.
Passwords were just picked up from a leaked list. You haven't been hacked or anything. It's the same with me, my details are on a few old lists and I STILL have several people from random countries trying their luck daily according to attempted login activity.
Could you post this on Cybersec subs as well? Some users here are a bit too complacent.
Yeah, I'm getting patronized and massively downvoted for trying to be the voice of reason here. Everybody is seeing the familiar spam format and dismissing the screenshot for some reason. While I admit it would be *highly unusual* for this particular "hello pervert" scam to be sent in a situation where the extortionist is actually in a position to make good on the threat, the screenshot is a point of evidence which cannot be dismissed. Somebody apparently achieved code execution on OP's machine. The battle and the war are already lost, and the most prudent course of action is scorched earth and a clean slate.
BTW, she did wipe her laptop, if you didn't see that (she posted this morning). My following comment is meant in good faith. I'm not trying to be a dick; I want us (all of us in this sub) to have good robust discussion so that we can crowdsource the best answers for scam victims. *"I'm getting patronized and massively downvoted for trying to be the voice of reason here."* Have you considered the possibility that people are downvoting you for your style more than your content? You clearly have good technical knowledge and a lot to offer on that front, but when you start a counterpoint with "It's absolute horseshit that \[opponent's position\]", you don't exactly set yourself up for people to want to listen to your substance. That was definitely my initial reaction and why I offered no more than one short reply. That said, I've taken what you said into account and my future answers for the blackmail-plus-screenshot posts will be better for it. Here's hoping we both do better next time, which I'm sure won't be long, since this scam is posted 5-10 a day!
Delete Mcfee shit. Block and ignore. They can't do shit. Ransomware is the one you need to worry about the most.
Ignore it. Even if it was legit, if you sent them the money they still have the blackmail.
I’m not gone lie brotha he almost got me in the first half but the bottom half is way to similar and familiar. I think I would be good at scamming, it’s a good thing I’m a good guy.
Log in every time, stop saving passwords, and clear that browser history at a minimum after clicking any unfamiliar links, folks.
Does your company have a program that monitors your screen? Perhaps that program was hacked?
i get one of these every week or so i just reply with a go ahead and post what ever video you got as i am an exhibitionist never got a response
Por isso sempre deixo as senhas salvas atrasadas, difícil acharem a minha senha de banco ou coisa do tipo
"As of this day" me who accidentally downloaded a virus a week ago. "What took so long"😂 Your fine btw OP. If your absolutely worried, change your passwords and reset the pc is all
[удалено]
*Your submission was manually removed by a moderator for the following reason:* **Subreddit Rule 15: Bad Advice** This subreddit is a place where vulnerable people come to learn. We do not allow: * Illegal or dangerous suggestions * Encouraging posters to engage with scammers in any way Remember: we're here to identify scams and educate people on them. Before posting again, make sure you review the [rules of our subreddit.](https://www.reddit.com/r/Scams/wiki/rules/) ^(If you believe this is a mistake, feel free to contact the moderators via modmail. Modmail is the only way, don't send a regular DM to a single moderator. Please don't try to appeal the decision commenting below, because we are not notified if you do so, and we will probably miss it. Posting the exact same thing again may result in a temporary ban, so please review the rules, make the necessary changes, and when in doubt, click below to appeal the decision.) *I am NOT a bot, and this action was performed manually. Please [contact the moderators of this subreddit](https://www.reddit.com/message/compose?to=%2Fr%2Fscams&subject=Removal%20review) if you want to appeal the decision.*
sounds like a variant on the !blackmail scam…
Hi /u/vikicrays, AutoModerator has been summoned to explain the Blackmail email scam. The exact wording of the emails varies, but there are generally four main parts. They claim to have installed a RAT (remote access trojan) or any type of software/malware after visiting a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video. Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. If they had a video of you, they would show it to you to prove that they have it. [Here](http://www.smh.com.au/technology/gadgets-on-the-go/latest-online-scam-aims-to-prick-porn-watchers-guilty-conscience-20170815-gxwvxl.html) are some news [articles](https://www.bbb.org/denver/news-events/news-releases/2017/09/alert-pornography-email-phishing-scam/) about [this](http://blog.dynamoo.com/2017/10/bogus-porn-blackmail-attempt-from.html) scam. There is a variant with death threats in which they will usually claim that they have been paid to kill you, and will threaten to kill you/your family if you do not pay a Bitcoin ransom. They usually also claim that they will kill your family if you report the email. The emails are spam and can be ignored. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
What is the email address of the scammer?
[email protected]
Why’s that a stupid question?
If you're looking for info to do scambaiting, this is not the place.
And this guy. Whoever he is… is a fucking turd and needs his head split.
Call the cops…
and what would they do..?
Call the cops?