“Keep your secrets safe” is the subject line of another sextortion scam currently being spread via email. The sextortion message claims to be authored by “the WannaCry hacker group”. However, this claim is a lie, as the scammers are just exploiting the fame of WannaCry ransomware to scare users.
This is a scareware tactic seen in a number of sextortion-based scams that claim to have recordings of users while watching adult content. In this case, the alleged WannaCry hackers state they are “aware of your intimate adventures on the Internet“.
Don’t be tricked by anything stated in the “Keep your secrets safe” scam email. Also note there are specific reasons for the distribution of such scam messages, and they have nothing to do with hackers taking over your email account or computer.
Of course, there’s a chance you get infected by some form of malware, if you truly visit adult websites and click on their ads, but in most cases a scam is just a scam. Continue reading to learn how to deal with the “Keep your secrets safe” scam.
|Name||Keep your secrets safe|
|Type||Email Scam Message, Spoofing|
|Short Description||A scam that tries to scare you into paying a ransom fee for a supposed breach of your email account. The scammer also claims that he has recorded you watching adult content.|
|Symptoms||You receive an email message that tries to trick you into thinking that your email account got compromised, and there are recordings of you watching adult content.|
|Distribution Method||Email Spam Messages, Suspicious Sites|
|Detection Tool|| See If Your System Has Been Affected by Keep your secrets safe |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss Keep your secrets safe.|
“Keep your secrets safe” Scam – Details
According to the scam message, the fake WannaCry hacker has obtained the password of the user’s account, and changing its password won’t be of any help. Have a look at the whole “Keep your secrets safe” email message:
I am a representative of the WannaCry hacker group.
In the period from 24/06/2019 to 11/09/2019 we got access to your account ******** by hacking one of the ******* mail servers.
You already changed the password?
Sumptuously! But my program fixes this every time. And every time I know your new password!
Using access to your account, it turned out to be easy to infect the OS of your device.
At the moment, all your contacts are known to us. We also have access to your messengers and to your correspondence.
All this information is already stored with us.
We are also aware of your intimate adventures on the Internet.
We know that you adore adult sites and we know about your sexual addictions.
You have a very interesting and special taste (you understand what I mean).
While browsing these sites, your device’s camera automatically turns on.
Video-record you and what you watch is being save.
After that, the video clip is automatically saved on our server.
At the moment, several analogy video records have been collected.
From the moment you read this letter, after 60 hours, all your contacts on this email box and in your instant messengers will receive these clips and files with your correspondence.
If you do not want this, transfer 550$ to our Bitcoin cryptocurrency wallet: 18JbdkskQSNFP9DrcCp9txLMFJCyPwEPXg, 12byutpYf1xpH8fR4qBj4833x2t94rSr8X
I guarantee that we will then destroy all your secrets!
As soon as the money is in our account – your data will be immediately destroyed!
If no money arrives, files with video and correspondence will be sent to all your contacts.
You decide… Pay or live in hell out of shame…
We believe that this whole story will teach you how to use gadgets properly!
Everyone loves adult sites, you’re just out of luck.
For the future – just cover a sticker your device’s camera when you visit adult sites!
Take care of yourself!
Some reasons for receiving scam messages such as the “Keep your secrets safe” scam include your email being compromised in a data breach, or harvested along with thousands of other emails. However, the chance that your system was indeed infected by malware also exists.
To make sure your email was breached, you can use Troy Hunt’s Have I Been Pwned website. There, you can easily check if your email account has been compromised in a data breach. The website also features detailed information on the largest data breaches which may have exposed your email account as well.
If it turns out that your email has been compromised in a data breach, you should change its password. Use a unique password for each of your accounts, and forget about the dangerous habit of using one password (or a variation of the same password) for all your accounts.
Another reason for receiving scam messages such as “Keep your secrets safe” is email harvesting. It can be done via different methods but the purpose is usually the same – to use collected data for spamming or sending bulk emails, which is quite an easy tast thanks to automated programs. In most cases, a spam bot is used for searching email addresses in web pages. These are then added to a database and sold to spammers. To avoid this, you can use the so-called wmail address munging. Simply change the “@” sign into “at” and the “.” into “dot”.
NOTE. If you have opened a suspicious email attachment or clicked on an unknown link in a phishing email, your computer may have been infected for real. Phishing can lead to various outcomes, including the exposure of personal accounts and sensitive data.
The funny thing is that all current phishing scams are also deployed via email messages as the main distribution tactic. The recipients are usually sent messages that are disguised as legitimate notifications from a service, program, product or another party concerning a certain type of interaction which is required. Most of the times the scams are related to account activity, fraud transactions or password reset reminders.
All of these may be legitimate reasons for sending out activity messages and as such can easily be confused with the real notifications. In almost all cases similar sounding domain names and security certificates (self-signed, stolen or hacker-issued) will be implemented in the landing pages to confuse the recipients that they are visiting a safe site.
If you have interacted with such a phishing message, your accounts may have been compromised, email accounts included. Your financial details may be at risk, as well. So it may be a good idea to scan your system for spyware or malware.
A simple solution
Since all recent extortion-based scams, such as the “Your account is being used by another person!” scam, are relying on purported recordings of the recipient watching adult content, simply cover up your laptop’s camera. This may sound silly but knowing that your camera is covered leaves no place for you to worry, regardless of the scammer’s claims.
Another simple thing you can do to avoid email harvesting (where scammers and third parties harvest email addresses in bulk) is the so-called email address munging, or simply changing the “@” sign into “at” and the “.” into “dot”. This is especially valid for individuals with business emails that are visible to the entire internet.
And once again, no matter how persuasive the “Your account is being used by another person!” email you received sounds, don’t fall for it because it is a scam.
Remove “Keep your secrets safe” Scam
To remove the “Keep your secrets safe” scam, you should simply delete the email message. However, there is always the option that you were indeed breached or hacked. If you suspect this to be true, you should see the step-by-step removal instructions provided below. In case you cannot get rid of any files related to the “Keep your secrets safe” scam or find out other malicious ones, you should search for and remove any leftover malware pieces with an advanced anti-malware tool. Software like that will keep your system secure in the future.