“We know what you’ve done” say cybercriminals, but do they really?

Share on facebook
Share on twitter
Share on linkedin
Share on email

For the last week ESET South Africa has noted a sharp increase in the amount of threats emailed to users from cybercriminals who claim to know their secrets.

More often than not these threats allege the person was watching adult content, or they had breached some form of copyright law.

These sorts of scare tactics aren’t new by any stretch of the imagination but ESET has noted that these latest threats try to gain legitimacy by including a user’s password in the email.

“What’s new about this variant, which ESET has been detecting and blocking for about a week, is that it sends the password of one of the recipient’s accounts, in order to establish more legitimacy,” ESET tells us.

Now, the password could very well be one you’ve used before but ESET explains that often these criminals are taking a shot in the dark.

They are helped along by the fact that breaches have become rather commonplace of late and, while the password might be legitimate, it might not be one you’re using or have used for some time.

As we learned earlier this week, cybercriminals are able to get their hands on any number of resources via the dark web and these emails might simply be a case of “this email address and this password go together”.

ESET’s advice for users is to be vigilant and to never respond to these emails no matter how severe the threat is. Instead, if you think the password is legitimate, take the time to change it.

More often than not the cybercriminal is taking a shot in the dark and really has no idea what you did last summer, or yesterday for that matter.


[Image – CC BY SA 2.0 Kieran Lamb]

Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.