Received an email saying someone has hacked my email account

Solution 1:

Fake. Delete It and Move On

I got a similar email last week and it is fake. All the details you mentioned are identical to the email I received. In my case, I use 2-factor authentication for my Gmail account, LastPass for my password management and a VPN for all my connected devices. The most telling part of the fakery is that the ‘hacker’ compromised you six months ago, yet has not taken any action. If they have the goods on you, why not sooner? Lastly, the email appeared in my Gmail SPAM filter. That’s the biggest clue to that it is SPAM.

Sample Spam

Hello!

My nickname in darknet is hort17. I hacked this mailbox more than six months ago, through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

So, your password from is (and incorrect, btw).

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history. Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit. You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching. Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right? If you are of the same opinion, then I think that $890 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): 1EZS92[...redacted...]E62e9XY As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device. Also, I'll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours! After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson. Do not be so nonchalant, please visit only to proven resources, and don't enter your passwords anywhere! Good luck!

Solution 2:

Yes, it is a scam. There are two clever things that it does to make itself appear real (at least, more real than most scams), but those can be relatively easily debunked.

  • Firstly, it uses your own e-mail address as the "From" address. However, just like you can write any address on the back of an envelope before slipping it in the box and no one is going to check whether it is really your address, you can in principle write any address in the "From" header of an e-mail. (Some e-mail services may not allow you to do this, but it is a limitation of those particular services, and not of the e-mail medium itself.) Therefore, just because your e-mail address appears is no proof that your account was compromised.

  • Secondly, it shows you a string that it claims is the password for your e-mail, and this claim actually has a non-negligible chance of being correct. Remember those "Big Website compromised; user data leaked!" headlines you see in the news from time to time? Well, you probably had an account on one of those websites using your e-mail address and that password; the scammer obtained that information from the leaked data and is betting that you use the same password for your e-mail account. Have I Been Pwned? is a useful service that aggregates all the leaked data from known breaches so you can check whether your e-mail or password appears in any of them.

Finally, you can search for the given bitcoin address on a bitcoin lookup service such as this one; it has almost certainly been reported as a scam already (and you can see from the address's activity that these scams do work).