I’ve received a bunch of these over the past several weeks. Weird thing is, they actually do have my passwords in two instances. These are non-random unique passwords that are impossible to guess. Anyone else seen these? They want bitcoin payments and are threatening to unlock malware on my computer. Not worried, but a little disconcerted.
Then they are trolling. Don't click the link and you'll be okay. and change your passwords as a just in case.
Do they actually have them? Cooties if they do and the old Mac argument doesn't really hold water anymore.
It’s trolling... I get 2 to 3 a week, even on accounts of employees that we’ve fired. Ignore them. Change your passwords if you want.
And don't use that machine for anything private until you find the malware. Change the password on your home router as well, and re-load the firmware. Other means of access are anything connected to your home network - cams, tv, appliances, portable devices, wifi passphrase, etc. Change passwords and/or re-load firmware on all of them.
From one of the multitude of data breaches on sites you clearly used. Most breaches involved exfiltration of clear text passwords, which are then sold on the dark web to be used in phishing attacks (among other things), like the one they used against you. Reset your passwords on the sites where you used those passwords then mark the emails your getting as spam and disregard. This is a common scheme.
That’s what I’m thinking. There doesn’t seem to be any relationship between the passwords they have and my accounts. If they knew which accounts I have along with user name and those passwords, they would’ve already done serious damage to me.
To clarify, if I had a virus that was actually key logging, I would definitely know within a few minutes.
Go here and plug your email account in: https://haveibeenpwned.com/ Chances are one of the breaches that come up under your email address is one where those passwords were used.
If you had ransomeware on the PC it would have locked your files of interest already.....then you pay them to get them released.
Seems to me, you enter your email address there, just another spammy/malware site. I remember the sites that would ask you to run a free scan of your 'puter. Then come up with dozens of 'viruses and malware' and then want you to pay to have them removed. Total scam. How do you KNOW this site's legit? Or any site for that matter- they all sell address, data, logs, etc. I'm NO expert- just my 2 cents.
It’s legit. https://www.troyhunt.com/the-legitimisation-of-have-i-been-pwned/ It’s saved my ass on several breaches.