image of security cameras on a grey building

Identify Ransom Phishing Email

This is an example of a ransom phishing email and some important things to look for that help identify it as a scam.

Image of ransom phishing scam email

 

Some of the information has been redacted in this email to protect the person who owns the email account.

How did they get my password?

Some of these emails will have a password in them, some of them like this one will just tell you that they have your password. If the password is correct and current, or has been used in the past they have it because criminals have collected millions of passwords using various online leaks of passwords that do happen.

If the password is your current password then please change the password to the account by going to https://netid.montclair.edu/netid/ (link not clickable for security reasons please copy and paste this link into your browser)

Please change any other accounts that use this password and do not use the same password for multiple accounts.

To test if any of your accounts may have a compromised password go to https://haveibeenpwned.com/ and enter your email. This will let you know if your email address and passwords are included in any leaks that have happened.

Do they actually have a video of my webcam?

No, they do not have a video.

They pretend to have a video and use fear to trick the person into thinking they might have a video hoping that the person will make a quick and rash decision to pay the random.

Paying the ransom is NEVER the solution.

Why does it look like the email is coming from me?

Some of the emails we have seen appear as if they are coming from the user themselves or another user with a @montclair.edu email address. Attackers can use tools to trick the behind the scenes working of email into making it look this way. It is not coming from you, an attacker did not get into your email to send the message to yourself.

What should I do?

The simplest answer to this question is to completely ignore the email. Do not click on it and ignore it.

If you believe that your account has been hacked or compromised

 

*** Links and emails are not clickable for security reasons. Please copy and paste them into your browser or emails.