Skip to main content

Scam PSA: The "This Account was Recently Infected"

Author’s note: A couple weeks back I published a post about a scam letter I received by snail mail. I also made this type of scam the topic of my last newsletter, and the response to that newsletter was so positive that I am starting a new series of posts on tech-focused email scams.

The topic of today’s post is a scam email that I have gotten through 3 different email addresses. It was also sent to a client this morning, which is another reason I started this new post series.

The email claims that your computer was hacked when you were visiting a porn site, and it might include one of your old passwords as proof. The beginning looks like this:

This account is hacked! It will be good idea to change the password immediately!
You might not heard about me and you really are probably surprised why you’re getting this particular e-mail, proper?
I am ahacker who openedyour emailand OSseveral months ago.
Never make an attempt to get in touch with me or look for me, it’s impossible, because I directed you this message from YOUR account that I’ve hacked.
I have created malware soft on the adult videos (porno) site ansuppose you have visited this site to have a good time (you realize what I mean).
When you have been paying attention to films, your browser began functioning like a RDP (Remote Control) with a keylogger that gave me authority to access your display and webcam.

The complete message is at the end of this post.  Edit: It was setting off Chrome’s security, so I removed it.

There are at least 5 different versions of this email floating around. They have slightly different text, but they all share similar bad formatting and spelling errors. All versions of this email falsely claim that you have been hacked, and they all demand that you send the scammer money via Bitcoin.

If you get one of these emails, just delete it.  You were not hacked, and the scammer does not have any incriminating evidence.

The thing you should know about scam emails is that most are sent out indiscriminately. Not only is that deposed Nigerian prince asking for help of just about everyone, scam emails like that one even go out to email addresses that don’t exist.

Yes, scammers are using random address generators to send emails to every possible address there is in the hopes that a few of their wild guesses will prove to be a valid email address (this is why you should never respond).

The reason I know the scammers are just guessing at email addresses is that my email server is set up to forward all-misaddressed emails to a junk folder so I can examine them (if someone tries to reach me through natehoffelder@, I want to receive their message). As a result, I get to see the dozens of emails sent to addresses that don’t exist and have never existed.

Or rather, my spam folders gets to see them; I don’t even bother to open most of the scam emails any more.

Similar Articles


DanR March 4, 2019 um 1:26 pm

Interestingly my browser, Google/Chrome, tagged this as possibly dangerous and that at least six people agreed. Guess you have the right triggers in it. Good article, by the way.

Nate Hoffelder March 4, 2019 um 1:29 pm

Hmmm, maybe I should take the text down.

Marion Gropen March 4, 2019 um 7:24 pm

BTW, there are versions that include old passwords that were acquired in one of the various breaches, and sold on the dark web.

Obviously, you need to stop using any passwords that were involved in a breach (and it can be a pain to remember where you might have done so!). And you should change "major account" passwords periodically.

But if you get one of the scam emails with a password in it, it’s worth checking that it’s an old, obsolete one.

Will Entrekin March 5, 2019 um 8:49 am

Password managers are also worth considering. Takes all the auditing and constant shuffling out of the equation.

Marion Gropen March 4, 2019 um 7:26 pm

BTW, if you collect scams, have you seen the overseas freight one? That catches a LOT of publishers who have print editions.

Nate Hoffelder March 4, 2019 um 8:35 pm

I have not. Can you point me in the right direction?

Lyn March 4, 2019 um 8:31 pm

Good info as usual, Nate. Gmail, of course, put a big red banner across the top of your email. I marked it "looks safe" and proceeded.

S. J. Pajonas March 5, 2019 um 11:25 am

Oh! This is my absolute FAVORITE spam email. I simply love that they spoof my own email address so that it really does look like they hacked me. What a pain in the ass. I just delete them. And I have also received the version where it has an old password of mine. That was another fun one to get. Sigh.

Ana March 5, 2019 um 1:58 pm

The thing is, people receiving this email for the first time and falling for it are technologically challenged (it can happen, but I don’t think someone comfortable with technology would believe it with all the grammar issues, that was the first hint for phising emails). I want to see that kind of people trying to use blockchain to pay without help… I don’t think that kind of scam has been very lucrative.

Nate Hoffelder March 5, 2019 um 2:27 pm

That is true. But to be fair to them, I don’t know I could correctly complete a BitCoin payment the first time, either.

Ana March 5, 2019 um 4:56 pm

Of course, I’m not mocking people not familiar enough with technology to detect that kind of mail is a scam, in case my meaning wasn’t clear, it’s just that I doubt setting up a Bitcoin payment is something few people is doing nowadays, so is going to be nearly impossible for them to pay.

Ana March 5, 2019 um 4:59 pm

There’s something wrong, WordPress is emailing me to confirm my subscription to new blogpost even when I have unchecked the option…

Sharon March 6, 2019 um 9:32 am

I just got this one today. It does give a jolt of fear when you see it for the first time because you’re going, huh?

My spam filter didn’t catch it. Maybe because it was the first time I got one of these. But I tagged it directly as spam and then deleted it from the junk mailbox.

Write a Comment