Recently a member of our team found a threatening message in her personal email account spam folder.
The email said:
“I installed a software on the adult videos (pornographic material) web-site and do you know what, you visited this website to have fun (you know what I mean). While you were viewing videos, your web browser began working as a Remote Desktop that has a keylogger which gave me accessibility to your display and also cam.”
The scammer then asks for payment via Bitcoin to avoid posting of an embarrassing video.
KrebsonSecurity reports that this type of sextortion email can seem realistic because the sender will sometimes use a real password that you may have used in the past on one of your email accounts.
But how did they get a legitimate email address and password if the threat isn’t real?
It appears the scammer finds emails/passwords related to different recent data breaches, then sends the password associated with the email and the data breach.
For example, if your email address was part of the Yahoo!, Marriott, or Equifax data breaches then the password you used for those services is probably out there on the web. To see if your email address has been part of any recent data breaches check out haveibeenpwned.com.
If you received this type of email there are a few things you can do.
- Change any logon/passwords associated with the password that was shown in the email if you haven’t already.
- Report the message as spam.
- Don’t pay. There is no video of you anywhere.
Are you still feeling paranoid that there could be a real RDP connection to your PC that is watching and recording everything you do in real-time? It’s easy to check just to be safe. Download and install GlassWire, then go to the top left GlassWire menu and choose “settings” then “security”.
Now switch on GlassWire’s RDP connection alert. From here forward, when your PC has an RDP connection GlassWire will alert you.
You can also see if your PC received an RDP connection while you were away. Just check GlassWire’s alerts screen or graph to see your PCs idle network activity. Or, you can turn on GlassWire’s “Block all” firewall mode when you’re away from your PC to avoid any connections while you aren’t using your computer.
Laptop Magazine also has a great article on how to disable RDP on all different versions of Windows.