Receiving a spam email that contains your password

11th September 2019

I’ve received an email that contains my password, and it’s asking me to send money. What should I do?
A new type of scam email had become quite prevalent recently and it can be quite alarming if you’re on the receiving end of it. It will contain a password that you either currently use, or one that you have used in the past and the email will usually try and scare you into sending money to the scammer. Typically the email will tell you that they have hacked your device and have a compromising video of you that they will send to your contacts if you don’t send them money, usually via bitcoin.
It’s important not to panic if you receive one of these emails, as they usually contain a tight deadline in order to try and force you to act quickly.
How did they get my password?
When you see your password in the email, your first reaction is that you must have been hacked in some way. However, the way that the scammers obtain your email address and password is far less sophisticated than you might suspect. Unfortunately there have been (and always will be) multiple occasions where criminals have extracted data from sources such as online forums, online stores and even banks. In some of these breaches, usernames and passwords have been compromised and made publicly available for scammers to use. You can find out if any of your data has ever been compromised by entering your email address at a website called have I been pwned? It’s worth noting that you’ll need to check all of the email addresses that you use to sign up for various accounts online.
Scammers then use the email addresses and password combinations that were obtained during the data breach to send a wave of spam emails. This is why the password you see in the email might be a password you have since changed – they only have access to the data that was available at the time of the breach. If you have since changed your password, their data is effectively worthless.
What should I do?
If the password in the email is one you currently use for anything, change it immediately. After this, you should run a virus and malware scan on your devices. It’s unlikely that you’ve been compromised (they probably wouldn’t email you to tell you because they’d lose access), but it’s always good practice in these situations.
Do not reply to the email, you should just ignore it. These emails are sent out to thousands of email addresses in the hope that they will either get a response or the recipient will send the ransom. If you respond, you’ll likely receive further communication to try and persuade you to send money. It’s always worth changing your passwords and virus/malware scanning your devices if you suspect you have been compromised in any way, but there’s no need to do anything else at this stage.
What can I do to protect myself in the future?
There’s nothing you can do to prevent your data being compromised in a third party breach, but you can take steps to protect yourself if it does happen.
• Use 2 factor authentication where possible.
• Do not re-use passwords for multiple accounts – try and use different passwords for every single login you use.
• Use strong passwords. Use all the characters available – lowercase letters, uppercase letters, numbers and special characters.
• Use passwords that are not easy to guess. Pa55word! uses all the characters available, but is still very easy to guess.
• Do not store your passwords in plain text.
• Use a password manager if you can. A password manager can securely store your usernames and passwords for all the services you use that require a login. You just need to remember one password to access the password manager, which makes it easier to use much stronger passwords that you never have to remember. Just make sure you use a very strong password to access the password manager and never write it down or use it for any other login. LastPass and KeePass are both free and commonly used managers, but there are other solutions that you can use too.
• Change your passwords on a regular basis. This will ensure that if your username and password is compromised, it can’t be used for very long.
Finally, if you still have any concerns our support team will be happy to help with any questions, contact or 01622 391300