WEBVTT - Latest Spam Email Contains Your Real Password

0:00:04.400 --> 0:00:08.039
<v Speaker 1>The latest email scam raising eyebrows because it contains personal

0:00:08.039 --> 0:00:11.600
<v Speaker 1>information one of your real passwords. What's going on? I'm

0:00:11.680 --> 0:00:14.720
<v Speaker 1>Rich Demiro, this is Rich on Tech. Usually you can

0:00:14.720 --> 0:00:17.759
<v Speaker 1>spot a scam email pretty quickly. You see the poor grammar,

0:00:18.040 --> 0:00:20.319
<v Speaker 1>the spelling mistakes, and some of the things in the

0:00:20.360 --> 0:00:23.800
<v Speaker 1>email just don't add up. But spammers and scam artists,

0:00:23.800 --> 0:00:26.600
<v Speaker 1>they just keep upping their game, and their latest attempt

0:00:26.680 --> 0:00:28.920
<v Speaker 1>is pretty unique. I got a lot of emails about

0:00:28.920 --> 0:00:31.160
<v Speaker 1>this one, So here we go. The email starts out

0:00:31.240 --> 0:00:33.400
<v Speaker 1>strong with something like I won't beat around the bush,

0:00:33.479 --> 0:00:35.680
<v Speaker 1>I know that your password is, and then there it

0:00:35.720 --> 0:00:38.360
<v Speaker 1>is one of your passwords. The rest of the email

0:00:38.400 --> 0:00:40.440
<v Speaker 1>is a blackmail attempt. It says that it has some

0:00:40.479 --> 0:00:44.160
<v Speaker 1>compromising video of you taken from your computer's webcam during

0:00:44.200 --> 0:00:46.920
<v Speaker 1>a visit to an adult website. The video will be

0:00:46.960 --> 0:00:49.040
<v Speaker 1>released to friends and family if you don't pay up

0:00:49.040 --> 0:00:51.960
<v Speaker 1>a ransom, and the amount varies, but the email asks

0:00:52.000 --> 0:00:54.400
<v Speaker 1>for payment in bitcoin. Now this is where I think

0:00:54.400 --> 0:00:56.960
<v Speaker 1>the email sort of loses it. What average person getting

0:00:56.960 --> 0:00:58.680
<v Speaker 1>this email is going to be able to figure out

0:00:58.720 --> 0:01:00.840
<v Speaker 1>not only how to buy bitcoin, but also how to

0:01:00.880 --> 0:01:03.680
<v Speaker 1>send it to an anonymous spammer. Now, there are many

0:01:03.800 --> 0:01:07.559
<v Speaker 1>variations of the email going around. One has nineteen that's right,

0:01:07.720 --> 0:01:10.680
<v Speaker 1>nineteen steps on how to buy bitcoin and send it

0:01:10.680 --> 0:01:12.840
<v Speaker 1>to the proper address. That's a lot of work for

0:01:12.880 --> 0:01:15.240
<v Speaker 1>an anonymous email, but still, with one of the top

0:01:15.280 --> 0:01:19.039
<v Speaker 1>adult websites registering over sixty million visitors a day, the

0:01:19.080 --> 0:01:22.319
<v Speaker 1>email might certainly have some folks wondering if it could

0:01:22.319 --> 0:01:24.440
<v Speaker 1>be real. By the way, the scam isn't just being

0:01:24.520 --> 0:01:27.839
<v Speaker 1>delivered by email. People are also getting the same blackmail

0:01:27.840 --> 0:01:31.080
<v Speaker 1>message printed out and delivered to their home address through

0:01:31.080 --> 0:01:33.880
<v Speaker 1>the regular mail. So what's happening here? How did they

0:01:33.880 --> 0:01:36.839
<v Speaker 1>get your password? The passwords are likely pulled from recent

0:01:36.920 --> 0:01:39.440
<v Speaker 1>hacks of major websites, and there have been many high

0:01:39.480 --> 0:01:42.920
<v Speaker 1>profile hacks at really popular sites. So all the scammers

0:01:42.959 --> 0:01:44.720
<v Speaker 1>need to do is find one of these lists that

0:01:44.800 --> 0:01:48.040
<v Speaker 1>contain a combination of emails and passwords and then mail

0:01:48.120 --> 0:01:50.680
<v Speaker 1>merge them with the scam email and send them off.

0:01:51.120 --> 0:01:53.440
<v Speaker 1>Bottom line, you can ignore the email, but there are

0:01:53.440 --> 0:01:56.360
<v Speaker 1>some very important lessons to be learned here. First off,

0:01:56.560 --> 0:01:59.720
<v Speaker 1>don't reuse passwords. I know this is tempting since it's easy,

0:02:00.000 --> 0:02:02.640
<v Speaker 1>but these days it is not a good idea. Basically,

0:02:02.680 --> 0:02:04.840
<v Speaker 1>if one site is hacked, the bad guys can take

0:02:04.880 --> 0:02:07.560
<v Speaker 1>your password from that site and try it at various

0:02:07.600 --> 0:02:10.079
<v Speaker 1>other websites. The best thing to do is use a

0:02:10.120 --> 0:02:12.600
<v Speaker 1>password manager. These are little apps that you install on

0:02:12.600 --> 0:02:15.960
<v Speaker 1>your computer, phone, and tablet and they generate strong, random

0:02:15.960 --> 0:02:18.360
<v Speaker 1>passwords and remember them for you. Then when you go

0:02:18.400 --> 0:02:20.160
<v Speaker 1>to that site, you can copy and paste your use

0:02:20.160 --> 0:02:22.600
<v Speaker 1>your name and password into it from the password manager,

0:02:22.960 --> 0:02:25.600
<v Speaker 1>or the password manager might just fill in the password

0:02:25.639 --> 0:02:28.200
<v Speaker 1>for you, depending on what type of device you're using.

0:02:28.480 --> 0:02:30.480
<v Speaker 1>Keep in mind you'll also want to protect your log

0:02:30.520 --> 0:02:34.040
<v Speaker 1>into the password manager with what's called two factor authentication.

0:02:34.560 --> 0:02:36.120
<v Speaker 1>This means when you log in, you're going to get

0:02:36.160 --> 0:02:38.720
<v Speaker 1>a text to your cell phone with a special code

0:02:38.720 --> 0:02:41.680
<v Speaker 1>that you'll have to enter before your login can proceed.

0:02:41.880 --> 0:02:43.920
<v Speaker 1>The idea here is that a hacker might have access

0:02:43.919 --> 0:02:46.760
<v Speaker 1>to your password, but hopefully they don't also have access

0:02:46.800 --> 0:02:49.120
<v Speaker 1>to your phone, so they won't get that code, and

0:02:49.160 --> 0:02:51.000
<v Speaker 1>then they can't type it in and the log in

0:02:51.120 --> 0:02:53.280
<v Speaker 1>won't go through. And if it sounds like a lot

0:02:53.280 --> 0:02:55.760
<v Speaker 1>of work, well it sort of is. But that's the point.

0:02:55.919 --> 0:02:59.560
<v Speaker 1>Think about the information you're protecting these days, photos, documents,

0:03:00.000 --> 0:03:03.760
<v Speaker 1>banking and all of your private info. It's all online

0:03:03.880 --> 0:03:06.720
<v Speaker 1>and in the cloud. So two apps to look into,

0:03:06.919 --> 0:03:10.400
<v Speaker 1>last Pass, which is free, and dash Lane, which costs

0:03:10.560 --> 0:03:14.120
<v Speaker 1>sixty dollars a year. Another popular password manager is called

0:03:14.320 --> 0:03:18.200
<v Speaker 1>one password, that's the number one and password. There you

0:03:18.240 --> 0:03:20.320
<v Speaker 1>have it. The latest email scam, plus how to protect

0:03:20.320 --> 0:03:23.120
<v Speaker 1>yourself from similar attempts to steal your money or more,

0:03:23.200 --> 0:03:26.160
<v Speaker 1>because once you realize the patterns here, you can help

0:03:26.200 --> 0:03:28.320
<v Speaker 1>protect yourself. If you want to see the email, you

0:03:28.360 --> 0:03:31.160
<v Speaker 1>can go to my website it's richon tech dot tv,

0:03:31.360 --> 0:03:33.000
<v Speaker 1>or you can check the show notes for a link.

0:03:33.280 --> 0:03:35.320
<v Speaker 1>Thanks so much for listening, and please let your friends

0:03:35.320 --> 0:03:37.880
<v Speaker 1>know about the show by taking a screenshot of the

0:03:37.920 --> 0:03:40.960
<v Speaker 1>podcast and then sharing it to your Instagram stories. And

0:03:41.040 --> 0:03:42.840
<v Speaker 1>don't forget to tag me so I can share it

0:03:42.880 --> 0:03:45.320
<v Speaker 1>to my stories. All right, I'm Rich dmiro. I'll talk

0:03:45.320 --> 0:03:46.200
<v Speaker 1>to you real soon