There’s a scam going around at the moment. One of our clients got it via a “contact us” form, but it’s also been seen as an unsolicited email.
The gist of the email is that they have hacked your database and are going to destroy your site’s reputation — they appear to be demanding US$2000 in bitcoin. If you pay via bitcoin your money is unrecoverable.
It used to be very easy to pick a scam. They typically looked like they were written by a 5yo (or me on a bad day when spell-check isn’t working). This one is pretty well written. It’s still crap. And the reason I know it’s crap is two-fold. First, there is nothing in the demand which is specific to your website. It’s completely generic.
Specifically, here are some extracts and my comments:
we were able to get your database credentials and extract your entire database and move the information to an offshore server.
Really? If you go to any website and right-click with your mouse, you will get an option to “view source code”. In that code you can search for “wp-content”; if you find it, then the website is running WordPress. WordPress uses a database. Don’t you think that if they had actually done what they claimed, they might have given you some “proof of life” (as the kidnap spy dramas talk about)? They would tell you something about your customers’ recent orders or your latest updates on the site, i.e. they would know something which is not visible to everyone on the internet!
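The “proof of life” test can be run mechanically: compare the demand against values that only your database holds and against what your public pages already show. This is an added example, not code from the original post; the function names, the page snippet, the addresses, the order number and the second message are constructed for illustration.

```python
import re

def _mentions(text, value):
    """True if value appears in text as a whole token (case-insensitive)."""
    pattern = r"(?<![\w@.-])" + re.escape(value) + r"(?![\w@-])"
    return re.search(pattern, text, re.IGNORECASE) is not None

def triage_demand(message, private_values, public_text):
    """Split the values a demand quotes into private 'proof of life' and public facts."""
    private_hits, public_hits = [], []
    for value in sorted(set(v.strip() for v in private_values)):
        if len(value) < 6 or not _mentions(message, value):
            continue  # skip short values that would match by chance
        if _mentions(public_text, value):
            public_hits.append(value)   # anyone can read this off the site
        else:
            private_hits.append(value)  # only someone holding the data knows this
    verdict = "escalate" if private_hits else "generic"
    return {"verdict": verdict, "private": private_hits, "public": public_hits}

# Constructed sample data: what any visitor sees in "view source".
PUBLIC_PAGE = ('<link href="/wp-content/themes/x/style.css"> '
               'Contact: hello@shop.example')

# Constructed values exported from your own database (customers, orders, contact address).
DB_VALUES = ["jane.doe@customer.example", "ORD-100482", "hello@shop.example"]

# First sentence is the extract quoted in the post; the last sentence is constructed.
GENERIC_DEMAND = ("we were able to get your database credentials and extract your "
                  "entire database and move the information to an offshore server. "
                  "We will write to hello@shop.example again.")

# Fully constructed message that does quote private data.
SPECIFIC_DEMAND = "Order ORD-100482 for jane.doe@customer.example shipped on Monday."

if __name__ == "__main__":
    print(triage_demand(GENERIC_DEMAND, DB_VALUES, PUBLIC_PAGE))
    print(triage_demand(SPECIFIC_DEMAND, DB_VALUES, PUBLIC_PAGE))
```

A “generic” verdict only means the message itself proves nothing; a message that quotes private values is the one to treat as a real incident.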
e-mails found they will be e-mailed that their information has been sold or leaked and your site XXXXXX was at fault thusly damaging your reputation and having angry customers/associates with whatever angry customers/associates do.
Again, it’s a great claim, but read it carefully. They haven’t even worked out whether you are storing customer details on your website. You probably aren’t if you are not running eCommerce. And I don’t know about you, but my customers and associates tend to contact me if they have a problem and we sort it out for them. We also have terms and conditions defining our liabilities.
Lastly any links that you have indexed in the search engines will be de-indexed based off of blackhat techniques that we used in the past to de-index our targets.
Now this one is technically possible (it’s one of the reasons you should be careful about who does SEO work for you). However, Google has improved its protections for innocent genuine businesses being de-indexed because of malicious building of links to your website from dubious content — I haven’t heard of it happening in the last 10 years.
Finally, the #1 reason I know that this client isn’t hacked?
We monitor his site — it’s part of the service for all our website care plans clients. Hacks occur via out-of-date software (which has had a vulnerability — most updates are to fix these vulnerabilities) and/or via insecure passwords. Websites we manage don’t have either of those things.
We consider ourselves insurance against the bad boys out there; we are the fence at the top of the cliff rather than the ambulance at the bottom. We also don’t cost US$2000, nor do we accept bitcoin!