“Keep your secrets safe” is the subject line of another sextortion scam currently being spread via email. The sextortion message claims to be authored by “the WannaCry hacker group”. However, this claim is a lie, as the scammers are just exploiting the fame of WannaCry ransomware to scare users.
This is a scareware tactic seen in a number of sextortion-based scams that claim to have recordings of users while watching adult content. In this case, the alleged WannaCry hackers state they are “aware of your intimate adventures on the Internet“.
Don’t be tricked by anything stated in the “Keep your secrets safe” scam email. Also note there are specific reasons for the distribution of such scam messages, and they have nothing to do with hackers taking over your email account or computer.
Of course, there’s a chance you get infected by some form of malware, if you truly visit adult websites and click on their ads, but in most cases a scam is just a scam. Continue reading to learn how to deal with the “Keep your secrets safe” scam.
|Name||Keep your secrets safe|
|Type||Email Scam Message, Spoofing|
|Short Description||A scam that tries to scare you into paying a ransom fee for a supposed breach of your email account. The scammer also claims that he has recorded you watching adult content.|
|Symptoms||You receive an email message that tries to trick you into thinking that your email account got compromised, and there are recordings of you watching adult content.|
|Distribution Method||Email Spam Messages, Suspicious Sites|
See If Your System Has Been Affected by malware
Malware Removal Tool
|User Experience||Join Our Forum to Discuss Keep your secrets safe.|
“Keep your secrets safe” Scam – Details
According to the scam message, the fake WannaCry hacker has obtained the password of the user’s account, and changing its password won’t be of any help. Have a look at the whole “Keep your secrets safe” email message:
I am a representative of the WannaCry hacker group.
In the period from 24/06/2019 to 11/09/2019 we got access to your account ******** by hacking one of the ******* mail servers.
You already changed the password?
Sumptuously! But my program fixes this every time. And every time I know your new password!
Using access to your account, it turned out to be easy to infect the OS of your device.
At the moment, all your contacts are known to us. We also have access to your messengers and to your correspondence.
All this information is already stored with us.
We are also aware of your intimate adventures on the Internet.
We know that you adore adult sites and we know about your sexual addictions.
You have a very interesting and special taste (you understand what I mean).
While browsing these sites, your device’s camera automatically turns on.
Video-record you and what you watch is being save.
After that, the video clip is automatically saved on our server.
At the moment, several analogy video records have been collected.
From the moment you read this letter, after 60 hours, all your contacts on this email box and in your instant messengers will receive these clips and files with your correspondence.
If you do not want this, transfer 550$ to our Bitcoin cryptocurrency wallet: 18JbdkskQSNFP9DrcCp9txLMFJCyPwEPXg, 12byutpYf1xpH8fR4qBj4833x2t94rSr8X
I guarantee that we will then destroy all your secrets!
As soon as the money is in our account – your data will be immediately destroyed!
If no money arrives, files with video and correspondence will be sent to all your contacts.
You decide… Pay or live in hell out of shame…
We believe that this whole story will teach you how to use gadgets properly!
Everyone loves adult sites, you’re just out of luck.
For the future – just cover a sticker your device’s camera when you visit adult sites!
Take care of yourself!
Some reasons for receiving scam messages such as the “Keep your secrets safe” scam include your email being compromised in a data breach, or harvested along with thousands of other emails. However, the chance that your system was indeed infected by malware also exists.
To make sure your email was breached, you can use Troy Hunt’s Have I Been Pwned website. There, you can easily check if your email account has been compromised in a data breach. The website also features detailed information on the largest data breaches which may have exposed your email account as well.
If it turns out that your email has been compromised in a data breach, you should change its password. Use a unique password for each of your accounts, and forget about the dangerous habit of using one password (or a variation of the same password) for all your accounts.
Another reason for receiving scam messages such as “Keep your secrets safe” is email harvesting. It can be done via different methods but the purpose is usually the same – to use collected data for spamming or sending bulk emails, which is quite an easy tast thanks to automated programs. In most cases, a spam bot is used for searching email addresses in web pages. These are then added to a database and sold to spammers. To avoid this, you can use the so-called wmail address munging. Simply change the “@” sign into “at” and the “.” into “dot”.
NOTE. If you have opened a suspicious email attachment or clicked on an unknown link in a phishing email, your computer may have been infected for real. Phishing can lead to various outcomes, including the exposure of personal accounts and sensitive data.
The funny thing is that all current phishing scams are also deployed via email messages as the main distribution tactic. The recipients are usually sent messages that are disguised as legitimate notifications from a service, program, product or another party concerning a certain type of interaction which is required. Most of the times the scams are related to account activity, fraud transactions or password reset reminders.
All of these may be legitimate reasons for sending out activity messages and as such can easily be confused with the real notifications. In almost all cases similar sounding domain names and security certificates (self-signed, stolen or hacker-issued) will be implemented in the landing pages to confuse the recipients that they are visiting a safe site.
If you have interacted with such a phishing message, your accounts may have been compromised, email accounts included. Your financial details may be at risk, as well. So it may be a good idea to scan your system for spyware or malware.
A simple solution
Since all recent extortion-based scams, such as the “Your account is being used by another person!” scam, are relying on purported recordings of the recipient watching adult content, simply cover up your laptop’s camera. This may sound silly but knowing that your camera is covered leaves no place for you to worry, regardless of the scammer’s claims.
Another simple thing you can do to avoid email harvesting (where scammers and third parties harvest email addresses in bulk) is the so-called email address munging, or simply changing the “@” sign into “at” and the “.” into “dot”. This is especially valid for individuals with business emails that are visible to the entire internet.
And once again, no matter how persuasive the “Your account is being used by another person!” email you received sounds, don’t fall for it because it is a scam.
Remove “Keep your secrets safe” Scam
To remove the “Keep your secrets safe” scam, you should simply delete the email message. However, there is always the option that you were indeed breached or hacked. If you suspect this to be true, you should see the step-by-step removal instructions provided below. In case you cannot get rid of any files related to the “Keep your secrets safe” scam or find out other malicious ones, you should search for and remove any leftover malware pieces with an advanced anti-malware tool. Software like that will keep your system secure in the future.
- Guide 1: How to Remove Keep your secrets safe from Windows.
- Guide 2: Get rid of Keep your secrets safe on Mac OS X.
- Guide 3: Remove Keep your secrets safe in Google Chrome.
- Guide 4: Erase Keep your secrets safe from Mozilla Firefox.
- Guide 5: Uninstall Keep your secrets safe from Microsoft Edge.
- Guide 6: Remove Keep your secrets safe from Safari.
- Guide 7: Eliminate Keep your secrets safe from Internet Explorer.
- Guide 8: Disable Keep your secrets safe Push Notifications in Your Browsers.
How to Remove Keep your secrets safe from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove Keep your secrets safe
Step 2: Uninstall Keep your secrets safe and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it.
Step 3: Clean any registries, created by Keep your secrets safe on your computer.
The usually targeted registries of Windows machines are the following:
You can access them by opening the Windows registry editor and deleting any values, created by Keep your secrets safe there. This can happen by following the steps underneath:
Get rid of Keep your secrets safe from Mac OS X.
Step 1: Uninstall Keep your secrets safe and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove Keep your secrets safe via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove Keep your secrets safe files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as Keep your secrets safe, the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Remove Keep your secrets safe from Google Chrome.
Step 1: Start Google Chrome and open the drop menu
Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"
Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.
Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.
Erase Keep your secrets safe from Mozilla Firefox.
Step 1: Start Mozilla Firefox. Open the menu window
Step 2: Select the "Add-ons" icon from the menu.
Step 3: Select the unwanted extension and click "Remove"
Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.
Uninstall Keep your secrets safe from Microsoft Edge.
Step 1: Start Edge browser.
Step 2: Open the drop menu by clicking on the icon at the top right corner.
Step 3: From the drop menu select "Extensions".
Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.
Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.
Remove Keep your secrets safe from Safari.
Step 1: Start the Safari app.
Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.
Step 3: From the menu, click on "Preferences".
Step 4: After that, select the 'Extensions' Tab.
Step 5: Click once on the extension you want to remove.
Step 6: Click 'Uninstall'.
A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the Keep your secrets safe will be removed.
Eliminate Keep your secrets safe from Internet Explorer.
Step 1: Start Internet Explorer.
Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'
Step 3: In the 'Manage Add-ons' window.
Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.
Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.
Remove Push Notifications caused by Keep your secrets safe from Your Browsers.
Turn Off Push Notifications from Google Chrome
To disable any Push Notices from Google Chrome browser, please follow the steps below:
Step 1: Go to Settings in Chrome.
Step 2: In Settings, select “Advanced Settings”:
Step 3: Click “Content Settings”:
Step 4: Open “Notifications”:
Step 5: Click the three dots and choose Block, Edit or Remove options:
Remove Push Notifications on Firefox
Step 1: Go to Firefox Options.
Step 2: Go to “Settings”, type “notifications” in the search bar and click "Settings":
Step 3: Click “Remove” on any site you wish notifications gone and click “Save Changes”
Stop Push Notifications on Opera
Step 1: In Opera, press ALT+P to go to Settings
Step 2: In Setting search, type “Content” to go to Content Settings.
Step 3: Open Notifications:
Step 4: Do the same as you did with Google Chrome (explained below):
Eliminate Push Notifications on Safari
Step 1: Open Safari Preferences.
Step 2: Choose the domain from where you like push pop-ups gone and change to "Deny" from "Allow".