SCAM emails: I got an email from my own email address, did I get hacked?

Spoofed email: I received an email sent from my own email address, they say they have all my information and are asking for bitcoins payment.
SCAM emails: I got an email from my own email address, did I get hacked?
SCAM emails: I got an email from my own email address, did I get hacked?

This is one of the most comon scam emails out there and it is because it is easily done.

  • The first thing to do is don't panic, chances are that you were not hacked.
  • Second, do not reply, do not open any attachments and do not send any payment.

Any programer, with even little programing knowledge can send an email from any address to any address, and this is because we don't need access to a specific email account in order to send an email "from" that address. 

For example, let's say your email address is [email protected], in php the code looks like this (documentation)

mail('[email protected]','I hacked your account','I got access to your email','[email protected]')
//     TO                  SUBJECT                   MESSAGE                   FROM

And that's it, the code above will send an email to [email protected] from [email protected] with the subject I hacked your account, and the message "I am a hacker and got access to your email".

As you can tell it is very easy, so if you got an email claiming that they hacked you and that they have all your information, because you were in a pornohgtaphic website, or some spy was trying to get information form you, or whatever reason, ignore and erase the email, it is a scam.

 

Here is an example of one of those emails:

Hello, I work as a Private Investigator.
Our agency received a case with an objective of hacking into your email, phone, cloud storage, network and collecting intelligence.
We work with hackers from China for tasks like that, and they are the best. As you can see, they did a good job. Your accounts and devices are compromised.
But we do have an ethical protocol in place.
After checking the background of the person who paid for the hacking and investigation on you, I have decided to come forward and offer you to buy the information about that person (name, contacts, emails and other proof).
You will also get a report on yourself (including a list of compromised accounts, devices, logs, screenshots, photos and documents).
Normally, we do not disclose sensitive information about our clients, but in this case we will be.

Upon reviewing this case, I found that something illegal was planned against you.
The materials we have collected on you are very sensitive and can be easily used to blackmail you.
We usually address personal and corporate espionage cases, but this case is different.

We have received a prepayment of 50% for your case from that person (total agreed upon cost was 12500 USD).
However, I will give you a discount (without any profit for the agency), if you decide to buy this information.
After we get the payment, I will get back to you. You have 2 business days to make the transfer. It will cost you 40% of the unpaid balance.

We will process $2,500 payment through bitcoin. In case you have trouble with bitcoin, google how to fund it.
Send BTC to this wallet 1H7QWKGzZP1XcY7ruE16X4nYhdbqRzMJ52

It will be up to you what to do after you get the information. We will delete all files. The original client will get nothing and will never know about our deal.
Please keep in mind, because I need to pay Chinese contractors, and if you decline this offer, I will have to go to the original client and send all intel to cover the costs.
But at least you know that now and have a free heads up of what's coming.

Comments

Get a Quote

Get a Quote