There is currently a phishing tactic being used by hackers asking for payments in the cryptocurrency BitCoin. Cyber criminals are demanding payments by telling people to follow a malicious link in the email. To make the emails seem more legitimate, they use passwords that have been found online on the dark web. These could be old passwords which have been taken from compromised websites and are still in use. We’ve seen several of our clients receive this email in their inbox, and this is the advice we’re giving them.
The Bitcoin phishing email being received
Below is an example of the email. We’ve blocked out the email and passwords for privacy even though these have now been changed.
What should you do if you receive this phishing email?
Receiving this email is a big worry and action needs to be taken, but it’s important not to panic and make any rash decisions. Here are a few Do’s and Dont’s if you receive this email or one of a similar ilk.
DO contact your IT support company if you have one
It’s always best to get a second pair of eyes on the email to check its legitimacy. An IT support company will have seen this or something very similar before so it’s worth speaking to them if you can. If not ask another employee to take a look at it and confirm it’s a scam.
|76% of businesses fell victim to a phishing attack in 2016. Always get a second view!|
DO change your passwords immediately
The biggest worry about this email that your actual passwords have been found from somewhere. In some instances, the email has listed a user’s old passwords rather than current ones. Whether use that password for one website or ten you must change it immediately to something secure. You should never use the same password twice, and they shouldn’t be anything that’s easy to guess. We recommend using a password manager such as LastPass.
|Need help creating and remembering multiple secure passwords? Check out our guide on how to create the perfect password|
DON’T make any payment or click any links
The email asks you to make a payment via Bitcoin to a Bitcoin wallet. Whatever you do don’t make any payments at all. A lot of the time the threats are empty and your data won’t get deleted as promised. If any links are included in the email don’t click any of these either as they will more than likely be malicious.
|Want to know more about how to stay protected from phishing? Check out our guide|
DO delete the email
This isn’t the sort of thing you want to be kept in your inbox. Once you have alerted people in your business about the email delete it from your inbox and block the sender.
|Did you know 14.5 BILLION spam emails are sent out every single day?|
DON’T make payment
No matter how big the threat no matter what they say never panic and make payment. Even if it gets to the extreme of you being locked out of your computer you should call the police before ever making payment whether via cash or Bitcoin.
|Spam costs businesses £19 million every single year|
Receiving this email is scary anybody telling you they have your current password isn’t a pleasant experience, but it’s important not to panic. Change your passwords, don’t click any links, block the sender and alert the correct people.