This article updated 6/23
Anatomy of a Threatening Email
This is going to save you a lot of worry, grief and maybe even money!
Below is a threatening email I received today. And it’s not the first one I have received.
Threatening emails are common, usually poorly executed, and sometimes successful in extorting money from people! They come in various forms, but the gist is the same. They want to scare you into paying them money.
I’ll let you read it for yourself, and then I’ll explain a few things.
PLEASE DO READ IT BECAUSE IT’S IMPORTANT TO GET A FEEL FOR THE LANGUAGE AND WRITING STYLE.
Email Content From a Blackmailer
The Reality is… It’s Total B.S.
So here are a few things to note…
- First I want you to know that I don’t look at porn.
And whether you do or not, they do not know that information. This is a standard threat because so many people do look at porn. If you don’t know any better you may think you’ve actually been caught in the act. You haven’t.
- Notice the little “ticks” over several letters?
This was either written in a different language and converted, or their character settings aren’t quite right for the English language. And of course there’s the grammar! Clearly English is not their first language. Very poor execution.
- I love the content in the P.S.
“I guarantee you I will not disturb you after payment.” Instead of P.S. it should have said B.S.! I do know of a couple of people who have fallen prey to these evil people and indeed they were hit several times over. “Honor hacker” my a$$! There is no such thing. Never believe a blackmailer!
- And then this part:
“Don’t hold evil. I just do my job.” Aw, he thinks I’m stupid. Please don’t feel sorry for a blackmailer. They lie like liars who lie!
- Now here’s where you have to pay attention.
The password in the subject line is indeed a real password I used… about 8 years ago! Someone who had my information got hacked; that information was stolen and then placed on the dark web for sale (or maybe for free, but probably not). This is a HUGE reason why you should change ALL your passwords every few months. And don’t just flip between 2 passwords each time. I see this a lot. Making your passwords lengthy, unique, and difficult is super important! But in this case, even if it was both of those things, it can still get leaked. Long or short, the hackers, and/or people on the dark web would still have it. You have to change them regularly!
Read this statement from the MalwareBytes website: What to do when you receive an extortion email
Caution: the blackmail example they use in the article is a bit explicit.
Maintaining a different password for every account you have is difficult.
I used to keep a spreadsheet of everything and it just got out of control. After a lot of reading, talking with others and general research, I finally started using a password manager about 7 or 8 years ago. And I have never looked back. I use LastPass but there are several out there now. 1Password is popular as is BitWarden.
When I first heard of these password managers, I was concerned that it could get hacked and someone would get ALL my CURRENT passwords. And there have been a few vulnerabilities over the years, but these companies have been vigilant to plug holes and keep things locked down with up-to-date code. To my knowledge, I have never had an account breached as a result of using LastPass. Ever!
Check out the Password Manager website to learn more about password security and password managers.
This site is run by a couple of tech and security savvy folks. It makes a great resource! They do have affiliate links but I think the reviews still seem honest. If you buy anything from them, do so at your own discretion.
So now I have one password to rule them all (a little nod to Lord of the Rings).
I just have to know my login and password to the “Vault” where the passwords are all held. I also have 2 Factor Authentication (2FA) set up so when I do access LastPass, I use the 2FA app on my phone to verify it’s me. And this one password is actually encrypted on my computer, not off in the cloud or on someone else’s server. After these last several years, I have not had any problems! I actually don’t know ANY of my passwords any more because I can now easily make them long and complicated without needing to remember them. EXCEPT… you have to know your password manager password! That does not get saved within the program. I have not had a time when I’ve forgotten it so I can’t tell you how the process goes when you do forget. They do have a process in place in case this happens.
However you choose to keep your passwords, please put reminders in your calendar to go in and change your passwords every other month. If that feels overwhelming, then at least do the major important ones like banks, credit cards, and any accounts that have access to your finances or your social security number.