Careful scammers and hackers using mail spoofing

[tech30338]

Yesterday I received email from my own email saying that he/she has monitored every keystore and all the information about me is all gathered
he has sent me a Bitcoin address and told me that if I did not send any money in the form of Bitcoin he would expose my data has anyone received this kind of email?
What will you do?

• For me the very first thing that I would do is change my email address password because even though it's not true, we should always update it maybe 2-3 times a month or what you prefer.
• Also do a deep scan of your computer, but we should run daily scans if you really want, since sometimes we attach thumb drives coming from outside or download files, like freeware, which has a load of malware on it.
• Also avoid entertaining emails that say you have won part of BTC and saying you have to click the link,. never ever do that delete that immediately I have received lots of emails like this be careful.

for sure lots of people have been a victim of this, a few years back one of my clients has also been a victim of ransomware, and emails saying they have your data, so be very careful about what you do, and never communicate with them as much as possible.
Who among you also received this kind of scam and tricks what did you do, we could also educate new comers so that they will not fall victim to this kind of scam and hacking.

[1714694060]

1714694060

[1714694060]

1714694060

[albert0bsd]

I've receive that kind of email, but those aren't true, they only use mail spoofing, depending of your email provider it can show you some details like who signed that message, example:



I receive similar messages but those aren't signed by my email provider, also they show you some leaked password from some site databreak. But if you use a different password for each site you shouldn't worry

we should always update it maybe 2-3 times a month or what you prefer.

In theory that is the best option but if you do that i recomend you to use a password manager that can be sincronized between devices because it can be dificult to track every password that you use.

In my case i use a different password for every single page.

Remember to enable to Second factor authentication for everery site, but avoid 2FA by SMS becasuse it can be vulnerable to SIM swap.

Regards!

[hd49728]

Yesterday I received email from my own email

You received an email from your own email  

• For me the very first thing that I would do is change my email address password because even though it's not true, we should always update it maybe 2-3 times a month or what you prefer.

Updating, changing your email password too often is not actually good. If you use weak passwork, has a style of using similar password with very small changes between old and new passwords, your updated password is not good to protect your account from hacks.

Use strong password and you don't need to change it like 2 or 3 times a month.

[GUIDE] How to Create a Strong/Secure Password
Are your passwords in the green?

Check your email address with Have I been pwned?.

[Sanitough]

It's possible that a computer was compromised by malware, such as keyloggers, which can monitor your typing and potentially access sensitive information. Simply changing your password might not be enough, especially if the attacker already has access to your email or if your computer is still compromised.

To ensure your digital security, the best course of action would be to reformat your computer. This means wiping it clean and reinstalling the operating system. After that, change all your passwords, starting with fresh information. It's also essential to exercise caution when using your computer – avoid installing unnecessary programs and refrain from clicking on unverified links, as these are common sources of malware infections.

[albert0bsd]

Use strong password and you don't need to change it like 2 or 3 times a month.

That is true, I have not changed my password in some years  

[Fiatless]

for sure lots of people have been a victim of this, a few years back one of my clients has also been a victim of ransomware, and emails saying they have your data, so be very careful about what you do, and never communicate with them as much as possible.
Who among you also received this kind of scam and tricks what did you do, we could also educate new comers so that they will not fall victim to this kind of scam and hacking.

Some persons have fallen into this scam and paid some money to stop these scammers from exposing their confidential information. But they later find out that paying ransom is a grave mistake because they will not stop blackmailing and asking for more money. If one receives such an email,  just do a security check and take necessary protective actions. If it is fake, stop communicating with these criminals. But if it is true that he has some of your information, gather enough evidence and report to the relevant authority. Scammers will become powerless if they know that you are not ready to give them anything.

[Zaguru12]

In theory that is the best option but if you do that i recomend you to use a password manager that can be sincronized between devices because it can be dificult to track every password that you use.

I wouldn’t recommend the change of password every two to three months because just like you have said you can easily forget it or even mixed them together. You can change passwords at least ones in year depending on your preferences and when changing your passwords do not set aside a day to change passwords to all your accounts in one day or at the same period as this raises suspicions and could make scammers link the accounts together.

Also as some who is into cryptocurrency where security of your passwords are paramount you should avoid anything related to password managers and customized keyboards. Both of them store your passwords and since they are all closed source you don’t know what happens with your passwords stored on them. An hacker that gets access to those password managers app would automatically get access to your account passwords too. Also the use of password managers makes one to rely on them and as such you will forget those passwords and when time comes to recover them either because of device lost or damage you wouldn’t.

Also when using an email for accounts related to anything finance, make sure you separate that email with the ones used for social media accounts and other sites. Emails are easily visible in this two places and could lead an hacker to any of your financial informations on the email.

[_act_]

Yesterday I received email from my own email saying that he/she has monitored every keystore and all the information about me is all gathered
he has sent me a Bitcoin address and told me that if I did not send any money in the form of Bitcoin he would expose my data has anyone received this kind of email?
What will you do?

It has not happened to me before, but it always happens to big companies and the hacker will also encrypt the information with ransomware or show the company the data they got and to pay money.

• For me the very first thing that I would do is change my email address password because even though it's not true, we should always update it maybe 2-3 times a month or what you prefer.

Do you know that you can use 2FA app with your email? 2FA for better security. This can help you not to be changing the password all the time.

[bitbollo]

if they really had this information they wouldn't tell you but they would act accordingly.
check on "I am pwned" https://haveibeenpwned.com/ if your address ended up in any of the hacked account databases (and which password they recovered).
ignore all these emails and put them in spam. there is nothing to worry about.

[tech30338]

Yesterday I received email from my own email

You received an email from your own email  

• For me the very first thing that I would do is change my email address password because even though it's not true, we should always update it maybe 2-3 times a month or what you prefer.

Updating, changing your email password too often is not actually good. If you use weak passwork, has a style of using similar password with very small changes between old and new passwords, your updated password is not good to protect your account from hacks.

Use strong password and you don't need to change it like 2 or 3 times a month.

[GUIDE] How to Create a Strong/Secure Password
Are your passwords in the green?

Check your email address with Have I been pwned?.

It's called email spoofing where they will try to trick you into believing what you see is real like a header but if you look deeply at your header, it's not your email ill give you an example, your email is john@yahoo.com now if you are not looking closely an email will be sent to you, with this email john.@yahoo.com or johnn@yahoo.com if you're not going to look in the header you will believed it's your email and panic, it means it's a fake sender pretending to be your email.

[Fuso.hp]

Hackers sometimes fall into different types of fraud traps and many users sometimes fall into the trap of hackers without understanding the traps of fraudsters. The hacker will try to gain trust from the users before trying to trick them. We have various elderly people in this region who are paid old age allowance by the government. Earlier old age allowance was usually brought to a specific place, but now, thinking about the convenience of people, the government gives old age allowance through mobile banking. Elderly people are usually not very aware of the hackers so they call the mobile banking number of everyone who gets old age allowance and ask them to share various account details. Hackers have blanked the accounts of those who have shared various account information without understanding this fraud of hackers, so we must always be careful of such frauds. Cryptocurrencies are usually the most fraudulent so we must be extremely careful.

[Publictalk792]

I completely agree with you about being cautious when it comes to emails claiming that you have won Bitcoin or other rewards. These are often phishing scams attempting to trick individuals into revealing personal information or clicking on harmful links. Deleting such emails is the right thing to do.

It's unfortunate that many people have fallen victim to these types of scams. Sharing your experiences and education on avoiding scams can indeed be helpful for newcomers and others who may not be familiar with the risks. By raising awareness and promoting safe online practices, we can collectively work towards reducing the number of people affected by these scams.

always be cautious with your personal information online and continually stay informed about potential threats.   

[BitMaxz]

Email spoofing with content saying that they monitored you is a bit scary but changing only your email password is not enough you should also check the email activity what device and IP your email is currently connected and check if there is a recovery email and phone number added in your email you should remove them and keep only email and phone number that you truly own.

I have a friend who fell victim to phishing not from email spoofing even my friend changed his password the hacker was still able to access his email after I checked his email activity and recovery I saw different devices and IPs that the owner did not recognize and added email recovery that is why I suggested him to remove these emails and phone numbers that he don't recognize and add 2FA, after that change the password and disconnect the email to all device.
After he did that the hacker couldn't able to access his email no new unknown IPs and devices were listed on his email activity meaning he successfully got rid of them.

[dimonstration]

Assuming that this scammer is really holding our data for the sake of discussion. Paying them doesn’t guarantee that they will not expose our identity since there’s no assurance that they will delete our files once they are paid. The hacker should attach your personal info to verify that they are really holding your ID. 

Hacker is now becoming more creative on how to scam user knowing that there’s a lot of leak data incidents happened in crypto space.

[Questat]

I have not yet experienced receiving this kind of email maybe because they haven't found my email add yet (maybe in the future). I could agree that changing passwords from time to time isn't a good idea, unless when have been warned that someone is trying to access my account. But until there is no suspicious activity happening, I think it is not necessary to do that.

because whatever we do, when our email add has already been exposed, the scammer will try to touch us. They won't be successful if we keep silent and never reply to their emails.

[Shamm]

I have not yet experienced receiving this kind of email maybe because they haven't found my email add yet (maybe in the future). I could agree that changing passwords from time to time isn't a good idea, unless when have been warned that someone is trying to access my account. But until there is no suspicious activity happening, I think it is not necessary to do that.

because whatever we do, when our email add has already been exposed, the scammer will try to touch us. They won't be successful if we keep silent and never reply to their emails.

Same here never been received that kind of message but still we need to be careful as we all know that hackers are in everywhere and we can't hide them once we fall into thier trap. But the best thing to do to avoid these kind of happenings is we need to secure our account we must not login to public computers which there are many keylogger installed by hackers or by the owners. So it's better to keep in Private and don't change your password every now and then.

[tranthidung]

I have a friend who fell victim to phishing not from email spoofing even my friend changed his password the hacker was still able to access his email after I checked his email activity and recovery I saw different devices and IPs that the owner did not recognize and added email recovery that is why I suggested him to remove these emails and phone numbers that he don't recognize and add 2FA, after that change the password and disconnect the email to all device.
After he did that the hacker couldn't able to access his email no new unknown IPs and devices were listed on his email activity meaning he successfully got rid of them.

I agree with you that if something is wrong and you detected it. You must change your account password and choose a setting to log it out on all other devices. Because it's you change your password, you will have no issue to log in on other devices but hackers who only know your old password will not be able to log in your account again, except if they hack your new password too.

First steps to do to temporary secure your account, avoid further compromise. After that, I will clean my device, install a new OS and change my account password again.

Some people even don't mind to use 2FA for their accounts and it's too late for them to do this after their accounts were hacked.

[ImThour]

Thanks to Apple, I am using the "Hide my Mail" feature and it's so good. You never share your actual email with anyone and can also be used at every single website and platform, for throwaway emails., they don't work on all platforms.

If you want to stay safe from mail spoofing, just understand that no one gifts you free money and any email with that written is a total scam at the first place and you shouldn't spend your time clicking on it.

[Zigabel]

Yesterday I received email from my own email saying that he/she has monitored every keystore and all the information about me is all gathered
he has sent me a Bitcoin address and told me that if I did not send any money in the form of Bitcoin he would expose my data has anyone received this kind of email?
What will you do?

• For me the very first thing that I would do is change my email address password because even though it's not true, we should always update it maybe 2-3 times a month or what you prefer.
• Also do a deep scan of your computer, but we should run daily scans if you really want, since sometimes we attach thumb drives coming from outside or download files, like freeware, which has a load of malware on it.
• Also avoid entertaining emails that say you have won part of BTC and saying you have to click the link,. never ever do that delete that immediately I have received lots of emails like this be careful.

for sure lots of people have been a victim of this, a few years back one of my clients has also been a victim of ransomware, and emails saying they have your data, so be very careful about what you do, and never communicate with them as much as possible.
Who among you also received this kind of scam and tricks what did you do, we could also educate new comers so that they will not fall victim to this kind of scam and hacking.

When you see mails like they don't make impulsive moves, such as trying to check out the link to verify If it's true or not, always ignore them and keep your mail as safe as possible, first step to overcoming such is not clicking on any of such links sent to you as that .ay be the only gateway for them to get full access even if you have change your password, they could recover your details and gain access again.

Note that any mail with such threats are fake and fraudulent, because if they do have your details they would have gone ahead to hack your mail and do what ever they want with it, coming to tell you they do so you could send them some money shows they are fake and need access from you to continue their fraudulent activity on your mail, ignore such mails and never click on any link, always make sure to keep your details safe and change them as often as you can, don't logging you Mail on multiple devices especially that which you don't trust well enough.

[Yamane_Keto]

I prefer to use a separate computer/phone for sensitive data so that I avoid downloading any software on that computer and be careful to only visit sites I trust.

check on "I am pwned" https://haveibeenpwned.com/ if your address ended up in any of the hacked account databases (and which password they recovered).

As much as these services are good, there is nothing preventing them from registering your email address and selling it. If there is an open source service, and you can host it self-hosted with an hourly update to the database, then we can guarantee that such services will not be registered or misused.