NOTICE: Extortion scam emails with stolen passwords not credible

by Michelle Saport  |   

We've had some reports of members of the UAA community seeing a new variation on an old scam-an email claiming that the recipient has viewed pornography and demanding payment (often via crypto-currency like Bitcoin) to keep this from becoming public. See a sample of the text at Sextortion Scam Uses Recipient's Hacked Passwords (Krebs on Security, 7/12/18).

The new twist with this particular scam is that the email includes a password previously associated with the recipient's email address for an online account-likely a compromised password that was used many years ago.

Please reassure people in your units that this is a scam. The sender does not have evidence of the viewing of pornography, and recipients should not pay the money.

How You Can Tell This Is a Scam

  • There are numerous reports of this scam on the web. Copy a sentence from the extortion email and Google it, and you likely will see numerous articles describing the scam.

Both UAA's IT Services and UA's Office of Information Technology consider the emails not credible.

How to Protect Yourself From Scams Like This

References:

Creative Commons License "NOTICE: Extortion scam emails with stolen passwords not credible" is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.