So I know a guy at the local hospital who works in the IT department. Says their email is being bombarded by these scammers claiming to have seen everyone wanking in their work webcams…

“Send $9000 to this bitcoin wallet or it will be very bad for you bc1qv3ahqa3xr7dmr029xgtxagzysgmk47g7h6k5zq” (paraphrased to remove some more nasty threats to upload a certain type of content and viruses to their system).

It's meant he and his team have had to force a number of password changes, scan computers to try and just make sure there is no real threat. He now thinks it's phishing but it's cost the Trust a sizable amount of money they shouldn't have to spend.

  • jonne@infosec.pub
    10 months ago

    It’s just spam, everyone gets those. It’s frankly irresponsible that they spent money chasing this down. They’ve been sending these out for years now and you’d think everyone knew about these by now.

    The emails usually feature a known (hopefully old) password, and they get that one from public data breaches (you can look up your email on haveibeenpwned.com and see which breaches it’s been featured in).

    The only thing this IT team should’ve done is send out an educational email to all employees explaining that:

    • it’s spam
    • there’s no video, don’t worry about that
    • do not under any circumstances send Bitcoin
    • if the email has a password in it, and you still use that password somewhere, change it immediately and never use it again. If it’s your dog’s name, unfortunately you’ll have to rename your dog.
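A help desk could triage a flood of these reports with something like the following, which groups reported mail by wallet address and lists who should be told to change a quoted password. It is an added example, not part of the thread; the cue phrases, the password pattern, the recipient addresses and the message bodies are constructed assumptions, and only the wallet string is taken from the post above.

```python
import re
from collections import defaultdict

# Bitcoin address shapes: bech32 ("bc1...") and legacy base58 ("1..."/"3...").
BTC_RE = re.compile(
    r"\b(bc1[02-9ac-hj-np-z]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b")
# Wording typical of this scam; the list is an assumption, tune it locally.
CUES = ("webcam", "recorded you", "bitcoin", "btc wallet")
# A quoted credential ("your password is hunter2") means a breach-derived lure.
PW_RE = re.compile(r"\bpassword\s*(?:is|was|:)\s*\S+", re.I)

def classify(body):
    """Return (wallets, cue_hits, quotes_password) for one message body."""
    wallets = sorted(set(BTC_RE.findall(body)))
    hits = [c for c in CUES if c in body.lower()]
    return wallets, hits, bool(PW_RE.search(body))

def triage(reports):
    """Group reported mail by wallet and build the follow-up list."""
    campaigns = defaultdict(set)   # wallet -> recipients who got it
    rotate = set()                 # recipients whose mail quoted a password
    unmatched = []                 # reports that need a human look
    for rcpt, body in reports:
        wallets, hits, quoted = classify(body)
        if wallets and hits:
            for w in wallets:
                campaigns[w].add(rcpt)
            if quoted:
                rotate.add(rcpt)
        else:
            unmatched.append(rcpt)
    return dict(campaigns), sorted(rotate), unmatched

# Constructed sample reports; only the wallet string comes from the post above.
WALLET = "bc1qv3ahqa3xr7dmr029xgtxagzysgmk47g7h6k5zq"
SAMPLE = [
    ("a@example.org", f"I recorded you on your webcam. Send $9000 to {WALLET}"),
    ("b@example.org", f"Your password is hunter2. Webcam video. Bitcoin: {WALLET}"),
    ("c@example.org", "Quarterly report attached, please review."),
]

if __name__ == "__main__":
    campaigns, rotate, unmatched = triage(SAMPLE)
    for wallet, rcpts in campaigns.items():
        print(f"{wallet}: {len(rcpts)} recipients (bulk extortion spam)")
    print("advise password change:", rotate)
    print("manual review:", unmatched)
```

One wallet shared across many unrelated recipients is the signature of a bulk mailing, which supports handling it as spam plus a targeted password-change notice.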