Watch for Threatening Email Messages that Contain Your Actual Passwords

by | Jul/19/2018

You may receive a threatening email message that shows you your actual username and password. The attacker may demand you pay them 2900, or some other significant amount. They threaten horrible things if you do not pay.
They may show you other information they have stolen including where you work, your date of birth, names, and ages of family members, and more.

Do this now: Be sure none of your email programs displays graphics or images when you open a message. On your iPhone or iPad, go to Settings > Mail and turn off “Load Remote Images.” In Outlook, choose File > Options > Trust Center and check the box that says: Don’t download pictures automatically. Take similar steps for every device you use to check your email. This step will usually prevent the attacker from knowing you opened the email message, but you have to change the setting before receiving the message.

Cover up the cameras on your computers, tablets, and phones if you do not use the camera often.

If your do receive one of these messages, print it out and save it in case you need it for evidence in the future. Do not forward the message unless you are confident that the transmitted message contains no graphics.

Assuming that the accusations are false, do not respond at all. Behave as if you never received the message.

It is up to you to decide if you want to warn family, friends, and everyone else in your address book in case the attacker follows through with their threat. Reassure your contacts that the contents of the message are false.

Make a detailed log, and make copies of all email messages, phone calls, and text messages you receive from them. Submit a complaint at Contact the police if you fear that your life is in danger. If the email message came from Gmail, notify Google and they can investigate.

Visit to see if there is evidence that your password has shown up for sale on the dark-web.

Reset sensitive passwords and enable two-step verification on websites where you log in. Be sure you are current on all security patches on all of your devices.

Please forward this to your everyone that you know so that they will prepare for a threatening message that contains their real password.