15 May 2019 Wednesday. 11:35:45 UTC
Sextortion Scam Uses Recipient's Hacked Password
The basic elements of this sextortion scam email have been around for some time, and usually the only thing that changes with this particular message is the Bitcoin address that frightened targets can use to pay the amount demanded. But this one begins with an unusual opening salvo:
“I’m aware that <substitute password formerly used by recipient here> is your password,” reads the salutation.
The rest is formulaic:
You don’t know me and you’re thinking why you received this e mail, right?
Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop)