WTF do I do - email in spamWith what was my correct email password in it saying I’ve been hacked and looking to blackmail

[Foslady]

I have nothing incriminating in there - no photos, but it’s on my main account where my banking goes to. I have no pictures that are embarrassing as they claim I may be concerned about, answering password has been altered but what the hell do I do now?

It is a hoax of sorts. I had one. They've ended up with a pw from some sort of data hacking ( I think mine was from when MN had a problem and passwords were stolen).
They then blanket email everyone they have data for on the hope that someone will bite and believe the claims they have used their laptop camera to video them watching porn or whatever
You can safely ignore and delete but change any passwords where you still use the one they quote.
You can also report it to police online. It gives them a picture of how these scams are being used.

You probably used that password on another site that has been hacked. I've had these. The email correctly identified the password I had used on some sites, but I had a different one for my email account. It's using the hacked information to make the spam seem more plausible. Ignore and delete.

Have you used your email password on another site? It may not be the email provider that has been hacked.

It's a scam. A website that you have previously registered with using your email and that same password would have been hacked and that's how they've got hold of it. If you use that particular password for anything else you'll need to go and change them to something completely different, and stop using it altogether.

Absolutely do not respond to the email, and report it to action fraud. www.actionfraud.police.uk

answering password has been altered but what the hell do I do now?

Absolutely nothing. Delete it and ignore.

Have you googled the text of the email? Sounds like a common scam. Have you changed your password to something really strong?
Have I Been Pwned will tell you if you've been part of a data breach.

Oh thank you! I bought someone off eBay a couple of months ago and a month later it was hacked. eBay have closed the account but then to get this one - I mean, surely if they were that good they’d have found a way to send it to regular mail?

Jesus - 6 Times!!!! tonight everything is being changed, I usually get strong or v strong on my password changes

And yes - googling that text brings it up as a fake scam! It’s now on a password never used before, lesson
Learnt, thank you all so much

Little tip: never re-use passwords.

It's a scam. I get a couple a week.

So, your the password and email address information will have been hacked from a third party site, such as LinkedIn. It's then dumped in a big file which spammers "harvest" for these extortion or sextortion emails.

They'll then email the address with your password as "proof" they have hacked you. Sometimes they'll spoof the from address so it looks like they've logged in to YOUR gmail account to send the message to you. They haven't, it's very easy for them to spoof from their software.

The emails I get are all about porn and they say they've filmed me on porn sites and will send to my email contacts if I don't pay them bit coin. Blah blah blah

It's all fake...

computing.which.co.uk/hc/en-gb/articles/360001317945-How-to-respond-to-a-sextortion-email

If you Google, there's a lot of articles out there about this topic, which is reassuring.

What I would do is change your passwords everywhere. Your email, Facebook - everywhere!

Make them all slightly different. A good way to do this is put the name of the site ahead of your usual password. Let's say your usual password is cabbage123. You could change your password to FacebookCabbage123, GmailCabbage123 etc. This will mean if your password gets leaked in the future, hackers can't use it to gain access to any other site/email etc you use.

You can use a password manager to manage the different passwords if you prefer. Good if you're forgetful like me!

Check this site to see when your password was exposed (eg was it from the LinkedIn back of 2011 etc): haveibeenpwned.com/

Then, listen to this really really fab podcast episode which tells a mystery story and then explains why it happened - spoiler it's to do with hacked passwords (not boring at all, I promise!) gimletmedia.com/shows/reply-all/z3hler

Two factor authentication is also a must, where available. And if it isn't available, I'd think twice about using a site (depending on what it's for ...)

Thank you so much - secondary email account is now via extra security and will change everything else after work - love the idea Re site then password password, that will help big time!

I bought someone off eBay a couple of months ago

Didn't know ebay were selling people these days

You can use a password manager to manage the different passwords if you prefer.

A good password manager will also generate completely gibberish passwords for you (as well as remember them) e.g. (from LastPass)

oeflB76bI0fjFtdwO!Ryvo8&BCro
9Xfs7U2O3HLKbgVqsFeo1C#Bw1e!
vI&$9G$!5#5YdD3bjKaFpp!DQm!w

Nothing is 100% secure - sadly the aim is to be more secure than the next guy ....

@Bremusa - see told you I’m not tech savvy, can’t even get predictive text right 😂😂
(It was actually a Bert the farting hippo I got!!!!)

I got a sextortion one from my business email which I worried about til I realised it was a hoax and frankly if my clients were sent websites I had visited they would find out about my mumsnet habit and holiday booking - the most shocking website I ever visit is daily mail