Did you get an email that threatens to expose your website content online and utterly destroying your website reputation in Google and harassing your customers? Don’t worry. You are just one of many to be threatened by a scammer that never had access to your website.
Several customers have gotten emails lately telling them their websites have been hacked and that the content will be exposed online in a few days if they do not pay the hackers. We got several reports and although obviously fake from a quick glance we decided to dive a bit deeper into the content.
The email is very aggressive in its language and does its best to scare the recipient. They even outline the steps of what is about to happen:
- “First your database will be leaked or sold to the highest bidder”
- “Next if there are e-mails found they will be e-mailed that their information has been sold or leaked”
- “Lastly any links that you have indexed in the search engines will be de-indexed”
This does a very good job of scaring anyone getting the email. Fortunately, this is just an email and you have not been hacked. If you are in the unfortunate situation of having received this email you can rest easy, you are just one of the thousands of people to get this email.
The sender hopes to scare just a few recipients to pay the low fee to prevent these data from being spread online.
“We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC). “
That’s nice of them. Fortunately, there are online systems to help track these scammers, one of which is the Bitcoin Abuse Database. Looking up the bitcoin address they refer to we could see it has been reported several times already.
Since we always diligently check these kinds of things we took the time to verify the server logs, but no trace of any unauthorized access was found.
Here is the entire email, the URL of the website is redacted as well as the actual BTC address.
PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!
We have hacked your website [removed_url] and extracted your databases.
How did this happen?
Our team has found a vulnerability within your site that we were able to exploit. After finding the vulnerability we were able to get your database credentials and extract your entire database and move the information to an offshore server.
What does this mean?
We will systematically go through a series of steps of totally damaging your reputation. First your database will be leaked or sold to the highest bidder which they will use with whatever their intentions are. Next if there are e-mails found they will be e-mailed that their information has been sold or leaked and your site [removed_url] was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do. Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.
How do I stop this?
We are willing to refrain from destroying your site’s reputation for a small fee. The current fee is $2000 USD in bitcoins (BTC).
Send the bitcoin to the following Bitcoin address (Copy and paste as it is case sensitive):
Once you have paid we will automatically get informed that it was your payment. Please note that you have to make payment within 5 days after receiving this notice or the database leak, e-mails dispatched, and de-index of your site WILL start!
How do I get Bitcoins?
You can easily buy bitcoins via several websites or even offline from a Bitcoin-ATM. We suggest you [removed_url] for buying bitcoins.
What if I don’t pay?
If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation amongst google and your customers.
This is not a hoax, do not reply to this email, don’t try to reason or negotiate, we will not read any replies. Once you have paid we will stop what we were doing and you will never hear from us again!
Please note that Bitcoin is anonymous and no one will find out that you have complied.
Although this is just a scam, there is a reason why they even try – Many people do not do enough to protect themselves online.
Remember to do your best to protect yourself. Use antivirus on your computer, use a VPN to prevent people snooping on your communication, use unique usernames and passwords and of course – if you run a WordPress website, use a plugin like our Security Ninja to help protect yourself from hackers.