Renewed Scam Advisory: Ignore & Delete Obviously Deceptive E-mails

Thu, 2019-05-09

The Bermuda Police Service is once again advising all residents to remain vigilant regarding phone calls, e-mails and other correspondence from unknown persons that attempt to obtain personal information and other sensitive data – or even attempt to extort money.

An example of a popular e-mail scam is provided below. So far, recent scams of this type reported to police have not resulted in any financial losses. However, it is strongly recommended that senior citizens continue to be especially vigilant.

[Start E-mail]

I'm a hacker who cracked your email and device a few months ago. I know ‘123456’ is your password. You may not know me and your are most likely thinking why you’re  getting this email correct?

Well, I install malware on adult video clips and I know that you have visited these websites to have fun (you know what I mean). When you are watching these video clips, your browser operated a key-logger which gave me accessibility to your webcam and keyboard. Just after that, my software gathered every single one of your contacts from email, messenger and social networks.

What did I do? Well, I created a video of you watching these adult websites. I have also hacked your email and am sending this email from your own email address. What should you now do? Well, I think $500 is a fair price to keep my little secret. You will make the payment through Bitcoin (search how to buy Bitcoin if you need to).

Bitcoin address: [a series of numbers and letters are included here].

Note: You only have one day to make the payment and my software will notify me when you’ve read this message.  If I do not receive Bitcoin, I will certainly send out your video recording to all of your contacts, including friends and family, colleagues and so forth. If I receive the payment I will destroy the video immediately. This is a non-negotiable one time offer. Don’t waste my time and yours by responding to this email.

[End E-mail]

This e-mail works by convincing the user that their computer or e-mail account has been compromised and that they are being watched.

This is not the case. Fraudsters may have obtained historic e-mail accounts and passwords from insecure or compromised websites and thereafter used a technique called “spoofing” as a means to validate claims of the user’s computer /e-mail account being compromised.

The best way to deal with these particular e-mails is to immediately delete.

Don’t open them, don’t reply, don’t open attachments, don’t click any links contained in the e-mails and certainly don’t send any money.

The use of commercially available anti-virus and firewall software will usually prevent any of the claims made within the fraudulent e-mails.

If any person has suffered any financial loss as a result of this particular e-mail or simply wishes to discuss similarly suspicious e-mails, please contact the Financial Crime Unit on 247-1757 or fraud2@bps.bm.