I had just woken up on the morning of 8th Oct, and my sleepiness still hugged me. When I grabbed my phone to check the time, what scared my sleepiness away was the mail I had received. It said, “Your password is b*******7”. Although this was not the first time that my password had been compromised, and this password had been retired for years, it still made me worry. The last time this password was compromised, I lost control of my Gmail account, which was used by a hacker to publish a lot of disgusting adult videos, and that resulted in Google suspending my account. I then deleted that account once and for all.

Checking the details of this email, no surprise indeed, it was the same email account that was compromised last time. I have no idea where this rookie hacker found this password data; maybe it was purchased from somewhere for $1? And he/she may have been too busy to verify whether this password still works, and sent it out without a doubt. The message is too long to paste here, so I just attach a screenshot of it.

I think these are his points.

1. Yes, I know your password, and you do not need to know more.
2. Pay me, or pay your “debt”.
3. I have covered myself up, you cannot find me. No police.

Wow, this is really familiar. I believe this is more or less a standard blackmail template. And this hacker doesn’t even care to modify it a little bit. I think I can give him/her a shining 5 stars. Oh, by the way, he/she mentioned Googling what Bitcoin is. Well, he/she definitely doesn’t know that we, Chinese, have not been able to visit Google for years. Maybe he/she needs to update his/her database.

Now, let’s take a look at what is behind his email. Did he/she really cover his tail?

Well done! A proxy and a relay in Russia and Ireland were found. Wait a minute, what the hell is Windows, de-DE?

Well, so much for judgment. Here is my conclusion about protecting my passwords. Don’t use the same password for email accounts and websites. Use a different one for each of them. And update the passwords often. If you are not sure whether your password is still safe, go and visit the Have I Been Pwned website and check it out.

