Security Advisory New email scam claiming hackers have hacked your email Kenya Print
Over the past few weeks, some people have received emails from themselves claiming that a hacker has stolen their passwords and hacked their webcam, threatening to expose your data, as well as browsing habits if you do not remit to them some bitcoins valued between $1000-$1500 US dollars.
The hackers use publicly exposed data from massive breaches that have happened across various popular services including Yahoo, LinkedIn and others.
In this new type of email scam, the hacker spoofs your email address appearing as if he has logged into your email account and sent yourself an email.
This can be easily achieved and could be minimized following best practices detailed in my earlier post about preventing email spoofing with SPF.
The hackers claim they have your password, which they get from publicly exposed data, and hope to intimidate you into paying them a ransom.
The hackers deploy automated processes to mass email and spoof the users addresses appearing to be sent from their own mailboxes.
Security Best Practices
Whether you are a victim of this email scam, or not -- you should follow some best practices to avoid being compromised:
- Check your password on Have I Been Pwned. It will let you know if the password exists in publicly exposed data from previous breaches.
- Change your passwords immediately.
- Ensure the use of strong passwords which contain lower case, upper case, numbers and symbols
- Ensure your password is unique for every website or service that you use.
- Use multi factor authentication wherever available.
- Always make sure you are entering your passwords on secure websites. Learn more on how to check if a website is secured or not here.
- Make sure you're using SSL/TLS in your email clients.
Was this answer helpful?
The Best Web Hosting Company in Nairobi, Kenya.
Kenya Website Experts Ltd is the Largest Web Hosting Company in Kenya, our core focus is helping and empowering businesses & organizations online. Thousands of customers rely on our domains and web hosting to get their ideas online. We offer everything you need to create an effective & successful online presence backed by expert, personalized customer support. We offer ultra fast, reliable, affordable and secure website hosting services, email hosting, cloud hosting and SSL certificates. We make registration of Kenyan domain names (.co.ke, .or.ke .ac.ke) and international domains (.com, .org, .net) fast, simple, and secure. Our expert team is always on hand to help answer your questions, get you started, and grow your presence online. We deliver on performance, security, reliability and customer service day in, day out, and we’re a trusted partner.