E-mail with threat
One acquaintance received an e-mail saying that they knew his password and that they were able to activate the camera and film it by going to an adult site. The person asked for payment for bitcoins. If she did not receive it, she would send this video to all his contacts. He did not pay, hit a photo of the PC screen with that message and then redirected to another email and deleted it from the bin. Now neither the email nor the photo has been found. What should be done? – Lucian
Luciano, these emails are fake. Typically, they track a password that the scammer obtained in a leak, that is, a password already known associated with the victim’s email, which was revealed when any site was hacked.
As the victim does not know that the password has been leaked, she may be frightened and think that the scammer actually had access to your computer and may have recorded the video in question. However, the threat is false, with very few exceptions.
Recognizing these emails is not too difficult. They are usually written in English. EFF gives some examples of these messages ( see here ). But the essence is the same: the scammer provides a password as a supposed proof that he would have invaded his system and made some threat. To prevent it from materializing, you must pay a certain amount in crypto-currency, usually Bitcoin. In any case, the threat is false.
If you have received any of these emails, you do not have to do anything. Just delete the message.
In any case, it is very important that you change any password that has been leaked to avoid the attack of “credential stuffing”, which occurs when scammers try to use a password known to you in other services. To learn more about this attack and how to protect yourself, read here .
As for the fact that the message is gone, check the spam box. When the message was forwarded, it may have been identified in the email it was received in. As the original has been deleted, the two become inaccessible.
Mobile phone in the hands of operator
The doubt of the reader Rodrigo deals with a case where the employee of a store of an operator requested the device to check a configuration. The screen was not visible to the customer.
I’ve been in an operator’s shop for days because of chip recognition issues. I was pretty sure the problem was because the chip was cut. Anyway, in the store, the clerk promptly commented that this was the likely problem, but that he would check if there was anything else.
He took my cell phone and, in front of me, but without my being able to see the screen, he started to work on the device. I noticed that he moved very quickly, and after a while, I thought it was taking a while.
I got up to see the screen, telling him to teach me how the procedure was to see if the chip was working, and saw only that he quickly closed some windows / programs. I was embarrassed by it and confronted him, wondering what he was up to. He denied any irregularities, obviously, and said he was checking the chip, but I know he was lying. I reported the case to the store manager, who said he was going to find out.
The problem is that I could not recognize which screens he closed and now I’m not sure what he might have done or what he could have done with a few minutes more. He must have been moving my cell phone for a couple of minutes without me seeing the screen.
Please help me. Is resetting my cell phone enough for me to protect myself from unwanted apps, or do I need to change numbers or even devices? Being of the operator, he certainly had access to my data, which gives him the opportunity to perform more sophisticated blows. What do I do? – Rodrigo
In fact, Rodrigo, this is a very inadequate situation. The detail is that the employee may not have done anything wrong.
Many operator stores function as franchises, that is, they are outsourced. This, added to the large number of attendants of these stores (thinking in terms of Brazil), makes room for several problems in the service.
Picking up a customer’s cell phone and tinkering without him looking at the screen may have been incompetent. There is a situation very similar to credit cards, which, on the recommendation of the banners, should never be given to third parties.
Try to talk directly to the service and reach the operator’s ombudsman. You can still go to the police and Procon. They may be able to peruse your device as part of a complaint against this employee, but this will depend heavily on the care available in your locality – the expertise can be very simple or very complex depending on what was done.
If this is not possible, restore your device to factory defaults as soon as possible.
Although it is possible that this employee did something irregular that persists even after a factory restoration, this is unlikely.
You can take the device to an authorized service center and ask for a reinstallation of the system image (flash). You can also do this at home, but the steps vary depending on the model of your smartphone, and brands generally do not provide instructions for doing so. So it is something that you would have to do at your own risk.
It is not recommended to take the device to unofficial assistance, as the flash process itself may introduce new malicious programs into your phone. This process needs to be performed by someone you trust.