Stolen Passwords From Data Breaches Used for Online Scam

The latest online scam by cybercriminals uses stolen passwords from data breaches to try and convince people that they have used the password to download spyware and that they have now caught them looking at adult sites. The next step is blackmail.

Robert Capps, VP and Authentication Strategist at NuData Security:

“Cybercriminals continue to steal usernames and passwords at an alarming rate, intent on committing account takeover of legitimate consumer accounts. Once they have account credentials they try to use them on everything from healthcare to social media sites, and everything in between. The primary action users should take is to avoid account takeover, is to use unique passwords for each site they sign up for; password managers are a great help for keeping all of those credentials safe and secure. In this latest scheme, cybercriminals are trying to blackmail consumers making them think they have access to sensitive information or images, even if it’s not true. As recommended, the best is to ignore these emails and flag them as spam. Also, if the password they send is a legitimate one, go and change all accounts using the same password – which, ideally, should be just one account.”