Gmail account hacked or bogus spam?



I don't usually go into my Gmail junk folder but I accidentally sent an email there in Windows Live Mail so I went to retrieve it & that's when I saw a couple of emails which (sort of) have my email as the sender & say that my Gmail account has been hacked. Problem is these ones seem more authentic than others I've had in the past.

My email is @gmail.com so let's say it'd be billgates@gmail.com. When I originally created the account many years ago the extension was actually @googlemail.com but somewhere along the line I changed it.

The threatening email that landed in my junk folder is the correct start but the extension is @googlemail.com. That's the first semi difference.

The next is it actually says in the subject and main body what my password is. This is the concerning part. My password isn't even a real word. It's pretty much like a keyboard smash with letters & numbers. The 'password' this person has given is correct apart from they're missing off the final character (I won't say whether letter or number).

Their first email claims they are the hacker who 'broke my email and device' a while ago (I don't remember). They intercepted my password which I entered on a web page.

They say I can change it but it won't matter as their malware modifies it every time.

Don't bother contacting them as they sent the email from my email.

They have my friends, workers (unlikely as I don't have my workers tied to my email).

They set up a Trojan on my device (if they mean phone then I haven't noticed a problem).

They ended up "being hit through the sites of passionate content material that you often stop by" WTH?

Apparently when I had "fun" on "piquant websites" they made screenshots using their program by my camera of my device. My PC doesn't even have a camera and I only use the laptop (which does have one) for things like vehicle diagnostics and occasionally YouTube. Then comes the request for $900 payment with bitcoin. Their "trojan devices know when this email is read". Their "bitcoin wallet address" is different in both emails.

I think if it wasn't for the fact they got my password almost correct when it's not even a legit word then I'd just dismiss it. It's that that concerns me slightly. Your opinions?

Edited by Technique
Link to comment
Share on other sites

In my opinion it's just a script which shows you your own "saved" password.

You should change your password (to be on the safe side) and update your browser (most important).

Beware what scripts are running; you can prevent that by using add-ons.

Edited by Xahid
Link to comment
Share on other sites

I'll change the password and put 2 step verification on the account. The 2 step thing can be a bit annoying but if needs must.

Anything I should do beyond this?

And for yourself and anyone else reading this - what in your opinion are the chances of this being legit and someone having my details?

Link to comment
Share on other sites

This is actually a common spam attempt.  I got it myself a few weeks back.  I change my passwords periodically, but I still recognized it as an old password I had used.  They usually target people found in password dumps from hacked sites.  They email you and tell you your password to make it seem legit.  It's bogus, you can ignore it.  But, you should definitely change your password up, and don't use the same password at more than one site.

 

https://www.businessinsider.com/new-email-scam-uses-old-password-fake-porn-threats-webcam-video-bitcoin-2018-7

Link to comment
Share on other sites

Common spam tactic: they take a password that was leaked from another site, sometimes years ago. They take the email address from the leak, include your password in the template and send you the email. Obviously, if you don't have two-factor authentication turned on, turn it on for sure.

Link to comment
Share on other sites
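
The replies above describe the mechanism: an address and an old password from a breach dump are merged into a template, and the From line is forged to look like the recipient's own account. As an added example (not part of the original thread), this Python script reads the headers of such a message and lists the indicators; the sample message, hostnames, wallet string and finding labels are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not a real capture: hosts, addresses and wallet are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com;
 spf=softfail smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=googlemail.com
From: <user@googlemail.com>
To: <user@gmail.com>
Subject: user@googlemail.com was hacked

I accept only Bitcoins.
My BTC wallet: 1FakeAddrFakeAddrFakeAddrFakeAddr
You have 2 days (48 hours) for make a payment.
"""

BTC = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy Base58 address shape
DEADLINE = re.compile(r"\b\d+\s*(hours|days)\b", re.I)

def auth_results(msg):
    """Verdicts the receiving server recorded, e.g. {'spf': 'softfail', 'dmarc': 'fail'}."""
    header = " ".join(msg.get_all("Authentication-Results", []))
    return {k: v.lower() for k, v in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header)}

def split_addr(value):
    """Return (local part, domain) of the address in a header value."""
    local, _, domain = parseaddr(value or "")[1].lower().rpartition("@")
    return local, domain

def assess(raw):
    """List the indicators that mark a 'sent from your own account' extortion mail."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    from_local, from_dom = split_addr(msg["From"])
    to_local, _ = split_addr(msg["To"])
    _, env_dom = split_addr(msg["Return-Path"])
    findings = []
    if from_local and from_local == to_local:
        findings.append("from-imitates-recipient")
    if auth_results(msg).get("dmarc") != "pass":
        findings.append("from-domain-not-authenticated")
    if env_dom and env_dom != from_dom:
        findings.append("envelope-sender-differs")
    if BTC.search(body) and DEADLINE.search(body):
        findings.append("payment-demand-with-deadline")
    return findings

if __name__ == "__main__":
    print(assess(SAMPLE))
```

Only the Authentication-Results header stamped by your own mail provider is meaningful, since a sender can place headers of its own lower in the message.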

11 minutes ago, ozzy76 said:

Send me the $900 instead. Seriously, just change password/enable 2FA, also think about using a password manager (Keepass)

using a password manager with random gibberish passwords for every site.

Link to comment
Share on other sites

35 minutes ago, BudMan said:

Yeah a simple google for that comment finds all kinds of info on this scam - this was the first google hit for me

https://www.pcrisk.com/removal-guides/13959-so-im-the-hacker-who-broke-your-email-scam

 

Seems I googled the wrong terms then because I was just getting results on how to find out whether your account has been compromised.

 

Anyway thanks for the replies guys. I can rest easy now. I should change my password more often. I just banked on it being a keyboard smash so nobody would 'guess' it.

 

I actually do use & rely on KeePass heavily. :)

 

Link to comment
Share on other sites

I get them too direct to spam:

Quote

Hello!

I'm a programmer who cracked your email account and device about half year ago.
You entered a password on one of the insecure site you visited, and I catched it.
Your password from neobond@neowin.net on moment of crack: <removed>

Of course you can will change your password, or already made it.
But it doesn't matter, my rat software update it every time.

Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.

Through your e-mail, I uploaded malicious code to your Operation System.
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.
Also I installed a rat software on your device and long tome spying for you.

You are not my only victim, I usually lock devices and ask for a ransom.
But I was struck by the sites of intimate content that you very often visit.

I am in shock of your reach fantasies! Wow! I've never seen anything like this!
I did not even know that SUCH content could be so exciting!

So, when you had fun on intime sites (you know what I mean!)
I made screenshot with using my program from your camera of yours device.
After that, I jointed them to the content of the currently viewed site.

Will be funny when I send these photos to your contacts! And if your relatives see it?
BUT I'm sure you don't want it. I definitely would not want to ...

I will not do this if you pay me a little amount.
I think $860 is a nice price for it!

I accept only Bitcoins.
My BTC wallet: 1BncH5WxBSYJ6mmcJC9bCRxQ6Z1evvtRxk

If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.
After receiving the above amount, all your data will be immediately removed automatically.
My virus will also will be destroy itself from your operating system.

My Trojan have auto alert, after this email is looked, I will be know it!

You have 2 days (48 hours) for make a payment.
If this does not happen - all your contacts will get crazy shots with your dirty life!
And so that you do not obstruct me, your device will be locked (also after 48 hours)

Do not take this frivolously! This is the last warning!
Various security services or antiviruses won't help you for sure (I have already collected all your data).

Here are the recommendations of a professional:
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!

I hope you will be prudent.
Bye.

Funny thing is (like the OP) I changed my email address a few years ago, to steven.parker. The password (which I <removed>) might be from the 00's and it is a temp throwaway password that I used to use, and not for my Neowin email address; it's definitely a compromised site from a decade or more ago. The 'cracked' password doesn't even meet the basic criteria for most password forms now as well. 😛

Link to comment
Share on other sites

Makes you wonder what site/s.

 

I have actually used that password they gave, with a character missing, but not much.

 

Did you enjoy the videos Steven? ;) lol

Link to comment
Share on other sites

This topic is now closed to further replies.