One of our clients recently forwarded us a disturbing message, and urgently wanted to know what had happened and what they should do about it. Luckily, we were able to put their mind at ease. With their permission, we’re sharing this scam with you as well in the hopes of preventing any of our other clients from having to go through this upset. Warning: some sexual content is implied by this scam message.


My nickname in darknet is Zoep55.
I hacked this mailbox more than six months ago,
through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

If you don’t belive me please check ‘from address’ in your header, you will see that I sent you an email from your mailbox.

Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the intimate content sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You are so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $500 is quite a fair price to destroy the dirt I created.

Send the above amount on my BTC wallet (bitcoin): (BITCOIN ID REMOVED)
As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I’ll send to everyone your contact access to your email and access logs, I have carefully saved it!

Since reading this letter you have 48 hours!
After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Do not be so nonchalant, please visit only to proven resources, and don’t enter your passwords anywhere!
Good luck!

Let’s break down why this is manipulative bull honky:

  • It is VERY easy to “spoof” a “from” address on an email. It does not require access to someone’s actual email inbox. So a scammer trying to use that as “proof” of hacking your account is extremely weak, but the sort of thing likely to frighten most people who do not have a tech background. Think of it like writing a return address on a piece of mail — almost everyone writes their OWN return address, but there’s basically nothing stopping you from writing someone else’s return address, or the recipient’s address twice. It’s only mildly harder to do the same sort of thing on the web if you have the appropriate tech skills.
  • This scammer references knowing what “intimate” websites the victim visits, but doesn’t name a single one. If they actually knew this, why would they not include that info? That’s stronger proof of having access to someone’s computer. But they omit it.
  • They reference having access to the victim’s personal info, but don’t reference any specifics at all — not even the victim’s first name!
  • They say they have been taking photos of the victim… In this particular case, we’d just done an office visit, and knew that the client’s computer did not have a webcam installed in it.

If you receive a message like this, don’t panic! Start by reading it very carefully. How much of it is actually true of you, and how much of it reads like a chain letter designed to apply to as many people as possible in a way that will scare them silly and get them to just “pay up”?

Of course, there’s never any harm in running a virus scan on your computer, making sure your passwords are securely stored, not re-used and routinely changed, but you should be doing all those things anyway. You do, right? 😉

Stay safe out there, friends!