00:00Did you just get an email from your own address?
00:03You're likely being targeted by a scam.
00:06Imagine opening your inbox and seeing an email that appears to be sent by yourself.
00:10It's a jarring experience, but don't panic.
00:13This isn't a sign that your account has been hacked.
00:16What you're seeing is a sophisticated scam technique known as email spoofing.
00:21What is email spoofing, and how does this scam work?
00:24Email spoofing is a technique where an attacker changes the sender's address of an email
00:29to make it look legitimate, even though it's a fraudulent message.
00:33Lorena Manzano, a cybersecurity researcher at the University Carlos III of Madrid,
00:38explains that attackers manipulate and falsify the email,
00:42modifying, among other things, the source address or the subject.
00:46Their goal is to falsify emails to pass for legitimate users.
00:50In this particular scenario, cybercriminals choose to send the email
00:53from what appears to be your very own address.
00:56They're impersonating their own address, making you believe that it was sent from your account.
01:01However, it's crucial to understand that this intrusion into your email does not actually happen.
01:07As explained by the National Cybersecurity Institute,
01:10common email service protocols don't include mechanisms to verify that the sender information
01:15is authentic.
01:16This allows attackers to change the code that displays the sender without being detected,
01:21replacing it with a false one.
01:23The Blackmail Threat
01:24What these emails usually say?
01:28These scam emails often start with intimidating lines such as,
01:32I've been watching you for a few weeks.
01:34Have no idea how this is possible.
01:36You visited a site that was infected with my software.
01:39They then go on to claim that the cybercriminal has total access to your device
01:43and can supposedly turn on your microphone and camera at any time without you knowing.
01:48The core of the scam is a threat.
01:51The email typically claims to have intimate video content of you and threatens to send these
01:56videos to your contacts in social media unless you make a payment.
02:00They often create a sense of extreme urgency, demanding that you complete the transaction,
02:04usually in cryptocurrencies like Bitcoin.
02:07Within a short time frame, like 48 hours, attackers often emphasize the humiliation and shame
02:14of the situation, to blackmail the victim.
02:17The most important thing to know, the threat is not real.
02:20Despite how convincing and frightening these messages can seem, here's the critical takeaway.
02:25This threat from the cybercriminal is not real.
02:28That is, they have not accessed your devices.
02:31Therefore, they have not recorded any intimate or private videos either.
02:36The main objective of these criminals is to obtain the affected person's personal data
02:40for criminal purposes, stealing money, blackmail, spreading malware through attachments, or
02:46infected links.
02:48How to recognize a blackmail email.
02:51These types of emails, even those sent from your own address, usually share common characteristics
02:55that can help you identify them as fraudulent.
02:59Threats of publishing sensitive content.
03:01They typically contain threats to publish intimate or sensitive content.
03:05Supposedly recorded from your device screen.
03:07Urgent demands for money.
03:09They urgently request a payment.
03:11Usually in high urgency or pressure to act, they often create a sense of extreme urgency
03:17or rush for you to perform an action.
03:20Spelling errors.
03:21Sometimes, the text may contain spelling mistakes.
03:24What to do if you receive such an email?
03:26If you receive an email like this, supposedly sent from your own address, here are the recommended
03:31steps.
03:32Delete the email immediately from your inbox and mark it as spam or junk mail.
03:37Do not make the payment requested by the separate criminal.
03:40Do not share any personal data or information about your contacts.
03:44If you have already paid the requested amount, it is recommended to collect all possible evidence
03:49of the blackmail and file a report with the police.
03:53You should also delete all possible communication with the separate criminal.
03:57If the email contained a malicious file, it's advised to have antivirus software installed
04:01on your device, as it will alert you to potential dangers.
04:05If you're re-concerned about whether any alleged intimate videos have been published or if your
04:09passwords have been compromised, you can search for information about yourself online or use
04:14websites like haveybinpen.com to check for data breaches.
04:18If you find content that violates your privacy, you can request its removal from the platform hosting
04:24it, thanks to the right to be forgotten.
04:26Money Explains
Comentarios