FacebookTwitterLinkedIn

Avoid getting scammed by emails claiming your account or system was hacked

Also Known As: Your Account Was Hacked spam
Damage level: Medium

What is "Your Account Was Hacked"?

"Your Account Was Hacked" is one of the many scams (spam campaigns) that are used to trick people into paying cyber criminals. In this case, scammers send an email stating that the recipient's computer is infected with a malicious program that allowed them to record a compromising video.

They also claim that they have stolen personal data/details. The main point of this email is to trick people into paying cyber criminals who threaten to proliferate the video if their demands are not met by the given deadline. Note that emails of this type should be ignored.

Your Account Was Hacked spam campaign

"Your Account Was Hacked" email scam overview

There are two versions of the "Your Account Was Hacked" spam campaign, however, they are essentially identical. A screenshot of another version (and its text) can be found below. Scammers claim that they have hacked the user's email account.

To make this seem genuine, they used the 'spoofing' method, which allows them to forge email addresses - in this case, cyber criminals use the recipient's email address, and thus it seems as if the recipient of the email is also the sender. Furthermore, cyber criminals state that they have infected the computer with a Trojan that operates as a remote access tool.

They state that this unwanted installation occurred when the recipient visited an adult website and this tool allowed them to gain access to the user's desktop and webcam. Furthermore, they claim that they have stolen various passwords and contacts.

The key part of this email is the statement indicating that these criminals have recorded a video of the recipient watching adult content (video). To prevent them from proliferating this video (sending it to all of the recipient's contacts), they urge the victim to pay $1000 in Bitcoins using one of the Bitcoin wallet addresses provided.

Scammers encourage the victim to make a payment within 48 hours, otherwise they will proliferate the video. We can assure you that there is no such video recorded and this is just a scam based on the hope that some users will fall for it.

If you receive this email, you are likely to be just one of hundreds of others who have also received it. The best option in these cases is to simply ignore the emails.

Threat Summary:
Name Your Account Was Hacked Email Scam
Threat Type Phishing, Scam, Social Engineering, Fraud
Fake Claim Cyber criminals state that they've infected recipient's computer and have recorded a compromising video.
Cyber Criminal Cryptowallet Address (Bitcoin) 1DyiDqXUQ44qbnuBxARp5Q2Q2j6pvXZAyQ, 3Qv9HRnPyie4b8nYeUp1Sp7Xcx8i28HvQg (cyber criminals change their cryptowallet addresses with each new spam campaign).
Symptoms Received an email that threatens to send supposedly recorded video of user watching adult videos to family members and colleagues. Email(s) in the inbox state that ones passwords have been stolen.
Distribution methods This scam is spread wide via spam email campaigns.
Damage Monetary loss - completely unnecessary payments for fake claims about hacking and in reality non-existent video recordings.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Spam campaigns in general

"Your Account Was Hacked" is just one of many emails (scams) of this kind. Others include "You May Not Know Me", "We Are Not Going To Steal A Lot Of Time", and "I Am A Spyware Software Developer". Most are used to threaten and blackmail people by making claims that are not accurate.

Criminals generally attempt to extort money from innocent people, however, some cyber criminals use other types of spam campaigns. They send emails that contain malicious attachments or website links that lead to them. They use these emails to infect computers with malicious programs such as LokiBot, TrickBot, Emotet, AZORult, and Adwind.

The main purpose of these spam campaigns is to trick people into opening the included link or attachment - opening it causes download and installation of a malicious program. Examples of files that cyber criminals usually attach are Microsoft Office documents, PDF files, executables (.exe), ZIP, RAR or other archives, and so on.

These emails and attachments proliferate computer infections that cause people financial loss, data loss, privacy issues, and so on.

We receive a great deal of feedback from concerned users about this scam email. Here is the most popular question we receive:

Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?

A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography. Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting the haveibeenpwned website.

How do spam campaigns infect computers?

Spam campaigns can only infect computers if the presented attachment (or web links that lead to them) are opened. For example, executable files (.exe) must be executed, archive files, extracted and their contents executed, and so on. If the attached file is an MS Office document, it will ask to enable macros commands.

By enabling them, users allow malicious documents to download and install malicious programs. Spam campaigns are used to infect people's computers but can only do harm if the presented attachment/s are opened.

How to avoid installation of malware?

Download, install, update software, and browse the internet with care. Do not open attachments (or web links) included in emails received from unknown, suspicious email addresses. They are usually presented in various irrelevant emails that do not concern their recipients personally. Update installed software using implemented functions or tools provided by official developers only.

Avoid downloading software from untrustworthy, unofficial websites, using third party downloaders, torrent clients, eMule and other such tools. Use newer versions of Microsoft Office (no older than 2010), since they have "Protected View" mode, which prevents malicious documents from downloading and installing unwanted (malicious) programs.

Make sure that there is reputable anti-spyware or anti-virus software installed and running on the computer. Programs of this type are capable of detecting viruses (and other threats) and eliminating them before any serious damage is done.

If you have already opened malicious attachments, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate infiltrated malware.

Text presented in the "Your Account Was Hacked" email message (with two additional Bitcoin wallet addresses):

Your account was hacked! Renew the pswd right away!
You probably do not know me me and you may be certainly wanting to know for what reason you're receiving this message, right?
I'm ahacker who burstyour emailand devices and gadgetsnot so long ago.
Do not attempt to msg me or alternatively try to find me, it is definitely hopeless, because I sent you a letter from YOUR hacked account.
I installed spyware on the adult vids (porno) website and suppose you enjoyed this site to enjoy it (you know what I mean).
During you have been watching content, your browser started out operating as a RDP (Remote Control) that have a keylogger that granted me authority to access your desktop and webcam.
Afterward, my programobtainedall information.
You have typed passcodes on the websites you visited, I caught all of them.
Surely, you could possibly change each of them, or perhaps already modified them.
But it really doesn't matter, my malware renews it every time.
And what did I do?
I compiled a reserve copy of every your system. Of all files and personal contacts.
I got a dual-screen video recording. The 1st section demonstrates the video you were observing (you've got a good preferences, ahah...), the second screen demonstrates the movie from your camera.
What should you do?
Great, in my opinion, 1000 USD is basically a reasonable amount of money for this little riddle. You'll do the deposit by bitcoins (in case you don't understand this, go searching “how to purchase bitcoin” in any search engine).
My bitcoin wallet address:
1DyiDqXUQ44qbnuBxARp5Q2Q2j6pvXZAyQ, 17qQSJatXXj5DnjMLjNGXx9BT7NUhqimRx, 15LZuFSVyDAoaNLtbh4ru7ZQWvZxEosCaf, 18DGKAQ3gHQVmPHPVyLvBGsCoX1d4G8yfq, 1JRfE57ZF8Eaqa7DktHmVCoAneA8q4fpP2, 1LthzYVB7jrYFPnJHDLriDnxk4BJ4Ch2jf, 1GXBRWZaTqTEvxY2NzfdrMwYbPHqfWNNYE, 14GHLvKaXSNtDTkshZi5j8uUo3mFtJ52FN, 19SDJp3rdgU99sadqEb437b1qAynsCg9r8, 1LWbhU7623zZjLHTnfTRyrcqbRnXoVKaBd, 1GVgsTh6j1oh5PUksWQDdiChtsRiWwkR6Q, 14dM8NWRhdzKixe3hcvY6HfQGcjt736Gkc, 1FUieDeAPMpTpz67aKfr1jsWXmJfvQ6V8w, 1CUmFahadM9fmENHcdepbwSENEdmqh7VeF, 19Bk81t5nG8DZJSaJB6xqgvqfs1pCeF4KS, 1Cboy74YFQy1pLJTRrnibYfqiVo3FXv9fe, 1LP5g9uxYdqkTGZfgjRU9dFbY3pra3BaPw, 1EcoMxqqevYgoK6syi3TD4mTaSJGYLQbGw, 1Jo478RY2qC8vZ1cxSmk2WFjq5j9bpfDuv
(It is cAsE sensitive, so just copy and paste it).
Warning:
You will have 48 hours to make the payment. (I built in an unique pixel to this message, and right now I understand that you've read through this email).
To tracethe reading of a messageand the actionsin it, I utilizea Facebook pixel. Thanks to them. (Everything thatcan be usedfor the authorities should helpus.)

If I fail to get bitcoins, I will immediately offer your videofile to each of your contacts, including family members, colleagues, and so forth?

Screenshot of another variant of "Your Account Was Hacked" scam:

another variant of Your Account Was Hacked scam

Text presented in another version of "Your Account Was Hacked" scam:

Hi, your account has been infected! Renew the password this time!
You do not know anything about me and you may be probably surprised for what reason you're reading this particular letter, proper?
I'mhacker who exploitedyour emailand all devicesnot so long ago.
Never try out to msg me or alternatively seek for me, it's impossible, because I forwarded you this message using YOUR hacked account.
I've installed special program on the adult videos (porno) site and guess that you visited this site to have fun (you understand what I mean).
While you have been keeping an eye on video clips, your internet browser started out to act like a RDP (Remote Control) having a keylogger that provided me access to your screen and network camera.
Then, my softobtainedall information.
You have typed passcodes on the online resources you visited, I caught them.
Surely, you are able change each of them, or have already modified them.
However it doesn't matter, my program renews needed data regularly.
What actually I have done?
I generated a reserve copy of every your system. Of all the files and each contact.
I formed a dual-screen videofile. The first part displays the film that you were watching (you have got an interesting preferences, ahah...), and the second screen displays the recording from your own camera.
What exactly should you do?
Clearly, I think, 1000 USD will be a fair price for our small riddle. You will make the deposit by bitcoins (if you do not understand this, go searching “how to purchase bitcoin” in any search engine).
My bitcoin wallet address:
12xDmKxf28FStr6pxVCbv56sPf2nvL3jmT, 1GCz3YBhwpqFRUQ4B3rEvpiEkn6XtTD4GA, 15tGbgpiksnzBY1tef2LgUbJ9pZvoDjCbs, 18iDcSiS48kPAkbxUnyeeqwVx65Vgbwr2U, 1KmzrKYxcpAyEVEH38KPrMSVfGejk1ABQz, 1BkkLeRcUjrakVNFtAgAgfMjDb4TPUw8Pz, 1C242L8qAXRxudv6KBAahi81GHS5wpc8cF, 1NwbnYRDJwcAXRwRsJMZRFs7Gt4psir5S9, 149zE8ZaYXk1CtpfY5qsiuaf7LSdqsRs88, 1HUHBgNHYCz9Djy9z615adkgd2NYQNMVUd, 1LX5SEa54kf2SaAWH1vJ1F8SPkhpHCmzY9, 1E5tz2erjoh9Bx4U54PZPHrS51TgaGfCps, 1JKJEkK4FEmWixuBBTm8SojW3ACTt6oVFT, 1816WoXDtSmAM9a4e3HhebDXP7DLkuaYAd, 149J6aqKnjLTLdCCL39isvPxQh1xTjhEq5, 1F3GRSteD9XbVsUVNxj4FrTPrKvDmwiZVz, 1JwrTTYu1KkrJLUbWmDFC2WLMg4RP2YCRq, 1GL3psbvhB1pJJLQub8ABjPUstThPpfgnb, 178weWXPeMALJjq72tYxmWgNx5bQDpKN9u, 1N27jsKEDaxRfYF6pkGvyANQhPuZzzECBz
(It is cAsE sensitive, so copy and paste it).
Important:
You will have 2 days in order to make the payment. (I have an unique pixel in this letter, and at the moment I understand that you've read through this email).
To tracethe reading of a messageand the actionsin it, I utilizea Facebook pixel. Thanks to them. (That whichis usedfor the authorities may helpus.)

 

In case I fail to get bitcoins, I shall undoubtedly send your video files to each of your contacts, along with relatives, co-workers, etc?

Another variant of "This account has been hacked" email scam:

this account has been hacked scam variant 3

Text presented in this variant:

Hi, this account has been hacked! Modify the password right now!
You do not know anything about me and you really are probably surprised for what reason you're reading this email, proper?
I'm ahacker who openedyour emailand devicesa few months ago.
Do not attempt to communicate with me or try to find me, in fact it's not possible, since I forwarded you an email using YOUR hacked account.
I've started virus to the adult videos (porn) website and guess you have spent time on this website to have a good time (you realize what I want to say).
Whilst you have been paying attention to vids, your internet browser started out to act like a RDP (Remote Control) that have a keylogger that provided me authority to access your screen and web camera.
Next step, my softwarestoleall information.
You have put passcodes on the websites you visited, and I already caught all of them.
Needless to say, you can modify each of them, or have already modified them.
But it really doesn't matter, my malware updates it regularly.
And what I have done?
I made a backup of your device. Of all files and contact lists.
I got a dual-screen movie. The 1 part reveals the clip you were watching (you have got a good preferences, huh...), and the 2nd screen reveals the movie from your camera.
What actually must you do?
Good, in my view, 1000 USD will be a reasonable amount of money for this very little riddle. You will do the deposit by bitcoins (in case you don't recognize this, search “how to purchase bitcoin” in any search engine).
My bitcoin wallet address:
14B3FpCjNnoGxTsGor46Wk689GsvKbyv4x, 1FcCacS5pebEKMR6wtz7k98JEqbhfhCkDw, 1PAcoXVyzBDRryyg3MAmBQhDuofNYu55Uo, 12s4cfoNTzT68gSdxLjmSRT3qdvaqwDWNz, 15D5A6C5peaK8wF4eAlW5GfYzp3YVmaGP6
(It is cAsE sensitive, so just copy and paste it).
Important:
You have only 2 days to perform the payment. (I have an exclusive pixel in this letter, and right now I understand that you have read this email).
To tracethe reading of a messageand the activityin it, I set upa Facebook pixel. Thanks to them. (That whichis appliedfor the authorities may also helpus.)
In case I fail to get bitcoins, I will undoubtedly direct your video files to all your contacts, including relatives, co-workers, and many more?

Yet another variant of "Your Account Was Hacked" spam campaign:

Your Account Was Hacked Email Spam campaign (Sample 3)

Text presented within this email:

This account is now hacked! Change the password right this moment!
You do not know me me and you really are definitely wondering for what reason you're receiving this e-mail, proper?
I am a hacker who exploited your email and OS two months ago.
It will be a time wasting to attempt to msg me or find me. it is definitely impossible since I forwarded you an email from YOUR account that I've hacked.
I have started special program on the adult videos (porno) website and suppose that you have visited this site to enjoy it (you understand what I want to say).
When you were taking a look at films, your internet browser began functioning like a RDP (Remote Control) with a keylogger which granted me access to your monitor and camera.
Next step, my softgatheredall info.
You have entered passwords on the websites you visited, I caught them.
Surely, you'll be able to change each of them, or possibly already changed them.
However it does not matter, my malware updates needed data every time.
And what did I do?
I got a reserve copy of every your device. Of all the files and personal contacts.
I formed a dual-screen video. The 1st section displays the clip you had been observing (you've an interesting preferences, huh...), and the 2nd screen displays the movie from your own web camera.
What should you do?
Great, I believe, 1000 USD is a inexpensive price for our very little secret. You will make the deposit by bitcoins (in case you don't understand this, try to find "how to purchase bitcoin" in any search engine).
My bitcoin wallet address:

1N69twRyL3hsnt-Ti2z3fKZ3RipN1972dFx, 1Nv29du52zVq2dSyrRJEyn4ffWiaheXq9Q

(It is cAsE sensitive, so copy and paste it).
Important:
You will have only 48 hours to send the payment (I built in an exclusive pixel to this letter, and at the moment I know that you've read through this email).
To tracethe reading of a letter and the actions inside it, I set up a Facebook pixel. Thanks to them.
(Everything that is applied for the authorities may also helpus.)
In case I do not get bitcoins, I'll undoubtedly send your video file to all your contacts, along with family members, co-workers, and many more?

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Types of malicious emails:

Phishing email icon Phishing Emails

Most commonly, cybercriminals use deceptive emails to trick Internet users into giving away their sensitive private information, for example, login information for various online services, email accounts, or online banking information.

Such attacks are called phishing. In a phishing attack, cybercriminals usually send an email message with some popular service logo (for example, Microsoft, DHL, Amazon, Netflix), create urgency (wrong shipping address, expired password, etc.), and place a link which they hope their potential victims will click on.

After clicking the link presented in such email message, victims are redirected to a fake website that looks identical or extremely similar to the original one. Victims are then asked to enter their password, credit card details, or some other information that gets stolen by cybercriminals.

Email-virus icon Emails with Malicious Attachments

Another popular attack vector is email spam with malicious attachments that infect users' computers with malware. Malicious attachments usually carry trojans that are capable of stealing passwords, banking information, and other sensitive information.

In such attacks, cybercriminals' main goal is to trick their potential victims into opening an infected email attachment. To achieve this goal, email messages usually talk about recently received invoices, faxes, or voice messages.

If a potential victim falls for the lure and opens the attachment, their computers get infected, and cybercriminals can collect a lot of sensitive information.

While it's a more complicated method to steal personal information (spam filters and antivirus programs usually detect such attempts), if successful, cybercriminals can get a much wider array of data and can collect information for a long period of time.

Sextortion email icon Sextortion Emails

This is a type of phishing. In this case, users receive an email claiming that a cybercriminal could access the webcam of the potential victim and has a video recording of one's masturbation.

To get rid of the video, victims are asked to pay a ransom (usually using Bitcoin or another cryptocurrency). Nevertheless, all of these claims are false - users who receive such emails should ignore and delete them.

How to spot a malicious email?

While cyber criminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:

  • Check the sender's ("from") email address: Hover your mouse over the "from" address and check if it's legitimate. For example, if you received an email from Microsoft, be sure to check if the email address is @microsoft.com and not something suspicious like @m1crosoft.com, @microsfot.com, @account-security-noreply.com, etc.
  • Check for generic greetings: If the greeting in the email is "Dear user", "Dear @youremail.com", "Dear valued customer", this should raise suspiciousness. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
  • Check the links in the email: Hover your mouse over the link presented in the email, if the link that appears seems suspicious, don't click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to firebasestorage.googleapis.com/v0... you shouldn't trust it. It's best not to click any links in the emails but to visit the company website that sent you the email in the first place.
  • Don't blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and to view any documents there; if you received an email with an attachment, it's a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.

To minimise the risk of opening phishing and malicious emails we recommend using Combo Cleaner Antivirus for Windows

Example of a spam email:

Example of an email spam

What to do if you fell for an email scam?

  • If you clicked on a link in a phishing email and entered your password - be sure to change your password as soon as possible. Usually, cybercriminals collect stolen credentials and then sell them to other groups that use them for malicious purposes. If you change your password in a timely manner, there's a chance that criminals won't have enough time to do any damage.
  • If you entered your credit card information - contact your bank as soon as possible and explain the situation. There's a good chance that you will need to cancel your compromised credit card and get a new one.
  • If you see any signs of identity theft - you should immediately contact the Federal Trade Commission. This institution will collect information about your situation and create a personal recovery plan.
  • If you opened a malicious attachment - your computer is probably infected, you should scan it with a reputable antivirus application. For this purpose, we recommend using Combo Cleaner Antivirus for Windows.
  • Help other Internet users - report phishing emails to Anti-Phishing Working Group, FBI’s Internet Crime Complaint Center, National Fraud Information Center and U.S. Department of Justice.

Frequently Asked Questions (FAQ)

Why did I receive this email?

Spam emails are not personal. Cyber criminals distribute this mail in mass-scale operations with the hopes that at least some of the recipients will be tricked by their scams.

Was my computer actually hacked and does the sender have any information?

No, all the claims made by "Your Account Was Hacked" emails are fake. Therefore, neither has your computer been infected nor does the sender made any explicit recordings featuring you.

How did cyber criminals get my email password?

The most likely scenario is that you have become a victim of a phishing scam. These scams operate by tricking users into entering information (e.g., email or other account passwords, etc.) into phishing websites or files. These sites/files are typically disguised as sign-in webpages, registration or subscription forms, and so on. It is also possible that the scammers obtained your email password due to a data breach on a service provider's side.

I have sent cryptocurrency to the address presented in this email, can I get my money back?

No, most likely, not. Cryptocurrency transactions are practically untraceable - which makes them irreversible.

I have provided my personal information when tricked by a spam email, what should I do?

If you've provided account log-in credentials - immediately change the passwords of all potentially exposed accounts and inform their official support. And if you have disclosed other private data (e.g., ID card details, credit card numbers, etc.) - contact the relevant authorities without delay.

I have read a spam email but didn't open the attachment, is my computer infected?

No, opening a spam email will not trigger any malware download/installation processes. Infections are initiated when an attached file or a link presented inside the email is opened.

I have downloaded and opened a file attached to a spam email, is my computer infected?

Whether an infection was jumpstarted might depend on the file's format. If it was an executable (.exe, .run, etc.) - most likely, yes - your system was infected. However, document formats (.doc, .xls, .pdf, etc.) may need additional actions (e.g., enabling macro commands) to initiate malware download/installation.

Will Combo Cleaner remove malware infections present in email attachments?

Yes, Combo Cleaner is capable of detecting and eliminating most of the known malware infections. It has to be stressed that running a complete system scan is essential - since malicious programs usually hide deep within systems.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
Your Account Was Hacked spam QR code
Scan this QR code to have an easy access removal guide of Your Account Was Hacked spam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.